...
Name | Role | Notes | Action Items | ||
---|---|---|---|---|---|
Mark Reese | Product Owner | mreese@element84.com | |||
Ryan Abbott | Technical POC | ryan@element84.com | |||
Operations POC | Security POC | ||||
<add rows as needed> |
Name | Role | Notes | Action Items | ||
---|---|---|---|---|---|
Radhika Guntur | Product Owner | radhika.guntur@nasa.gov | |||
Radhika GunturOperations Lead | Scrum Master | <add rows as needed>radhika.guntur@nasa.gov | |||
Ben Williams | Platform Train Product Manager | benjamin.j.williams@nasa.gov |
Name | Role | Notes | Action Items | |
---|---|---|---|---|
Valerie Dixon | App Admin<add rows as needed> | valerie.dixon@nasa.gov |
Name | Role | Notes | Action Items | |
---|---|---|---|---|
Chris Mishaga | ESDIS Security<add rows as needed> | christopher.a.mishaga@nasa.gov | ||
Rob Andersen | ESDIS Security | robert.h.andersen@nasa.gov | ||
Rajiv Gunja | ESDIS Security | rajiv.g.gunja@nasa.gov |
...
...
Validation Item | Completed (Y / N) | Reference Artifact, Link, or Comment if needed | Notes | Action Items |
---|---|---|---|---|
Has the application team conducted network connectivity and performance testing for any data egress flows and confirmed existing egress options are sufficient to meet application needs? | Y | Egress from Access is extremely minimal. Given that use of Access is limited and the nature of the application, there will be almost no discernable change in egress as a result of deploying Access to NGAP. | ||
Has the application team conducted testing to ensure application continues to operate while in a bandwidth throttled mode? (not mandatory but recommended for high volume S3 distributors) | N | |||
Is application team aware of AUTOMATED egress related cost monitoring, alerting, and enforcements?
| Y | |||
Have both application team and platform team received approved egress cap and throttling threshold values from ESDIS? | ||||
<add rows as needed> |
...
Validation Item | Completed (Y / N) | Reference Artifact, Link, or Comment if needed | Notes | Action Items |
---|---|---|---|---|
Does application team have an ESDIS approved Cost-Model on file? | ||||
Does target EDC account(s) have sufficient funds allocated in CloudTamer for anticipated cloud costs? | ||||
Is application team aware of AUTOMATED AWS account level cost monitoring, alerting, and enforcements?
Manual actions to delete resources will be considered above Freeze-Spend and Circuit Breaker levels | Y | |||
Are CloudTamer budget-based notifications configured to send emails to all desired app-team individuals? | Y | NASD-2736 filed to enable this. | ||
Is application team aware of AWS options for monitoring and alerting on cloud costs expenditures specific to their account and use-case
| Y | |||
Does application team have a process to monitor / audit cloud expenditures and take action if required? | Y | |||
<add rows as needed> |
NGAP References:
...
Validation Item | Completed (Y / N) | Reference Artifact, Link, or Comment if needed | Notes | Action Items |
---|---|---|---|---|
Does application team have processes in place to address operations issues that arise with their application in the EDC? | Y | |||
Do application team and platform team have a common understanding of the shared operational responsibilities between:
| Y | |||
Does application team have any "critical" functionality requiring 24/7 on-call platform support? "Critical" is scoped to items where the loss of functionality will irrevocably harm science data retention. (Ex: satellite data will be lost with no means of recovery) | N | |||
Is application team aware of and familiar with NGAP Service Desk (NASD): NASD Link | Y | |||
Is application team aware of and familiar with AWS Enterprise Support | Y | |||
Is application team aware of and subscribed to NGAP Announcements: Subscribe to the Announcements Mailing List | Y | |||
Is application team aware of NGAP / Security Office Hours? Office Hours Link | Y | |||
<add rows as needed> |
...
Validation Item | Completed (Y / N) | Reference Artifact, Link, or Comment if needed | Notes | Action Items |
---|---|---|---|---|
Has the application team reviewed the EDC Tenant Run Rules and confirmed they are able to operate within those rules? Earthdata Cloud Tenant Run Rules | Y | |||
Has the application team noted any needed exceptions / waivers from EDC Tenant Run Rules? If so, have those requests been approved? | Y | None needed | ||
Does the application team have an approved Operational Security Agreement (OSA) on file with ESDIS Security? OSA Template Handbook | ||||
Is application team leveraging EDC CICD for deployments or alternative mechanisms? (NOTE: not required, just for record keeping) | Y | |||
Is application team aware of software vulnerability scanning and reporting requirements?
| Y | |||
Has application team aware of, or been made aware of via ESDIS Security of known vulnerabilities. Are known vulnerabilities addressed, mitigated, or residual risk within acceptable levels? | ||||
Does the application team have processes in place to identify, assess, and address security vulnerabilities if they occur? | ||||
<add rows as needed> |
...