Skip to content

Commit

Permalink
Merge pull request #64 from cloud-gov/cweibel-patch-1
Browse files Browse the repository at this point in the history 
Update AC-Policy.md
  • Loading branch information
@pburkholder
pburkholder authored Mar 17, 2023
2 parents ead0fce + 7100722 commit 7879550
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion AC-Policy.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ cloud.gov's access control procedures starts with an offer letter to an individu

Successfully issuing a PIV card allows internal users to obtain credentials for GSA SecureAuth, GSA's enterprise identity system. GSA SecureAuth is used to gate access control to cloud.gov's Operations User Account and Authentication (UAA) Server, which is integrated with GSA SecureAuth.

Technical onboarding to cloud.gov is initiated by the cloud.gov Director, Deputy Director, or Program Manager via creation of an Onboarding issue in the cloud.gov issue tracking system. The issue should include the On-boarding Checklist (https://github.com/cloud-gov/product/blob/master/OnboardingChecklist.md) which ensures the internal user gains proper access and permissions to any systems or tools they need, inclusive of access to Amazon Web Services (AWS). Access to AWS is strictly limited to the System Owner, Cloud Operations, and Cloud Compliance (read-only). The Cloud Operations team member assigned to the issue acts on it once the individual has GSA SecureAuth access and a GSA email account.
Technical onboarding to cloud.gov is initiated by the cloud.gov Director, Deputy Director, or Program Manager via creation of an Onboarding issue in the cloud.gov issue tracking system. The issue should include the On-boarding Checklist (https://github.com/cloud-gov/product/blob/main/.github/ISSUE_TEMPLATE/onboard-platform-ops.md) which ensures the internal user gains proper access and permissions to any systems or tools they need, inclusive of access to Amazon Web Services (AWS). Access to AWS is strictly limited to the System Owner, Cloud Operations, and Cloud Compliance (read-only). The Cloud Operations team member assigned to the issue acts on it once the individual has GSA SecureAuth access and a GSA email account.

The System Owner (or representative) and a quorum of the Cloud Operations meet on a quarterly
basis to review and confirm all team accounts meet requirements for compliance
Expand Down

0 comments on commit 7879550

Please sign in to comment.