CDCgov / prime-reportstream

ReportStream is a public intermediary tool for delivery of data between different parts of the healthcare ecosystem.

https://reportstream.cdc.gov

Creative Commons Zero v1.0 Universal

72 stars 40 forks source link

Configure azure storage accounts as SFTP servers that senders can connect #16261

Open mkalish opened 3 weeks ago

mkalish commented 3 weeks ago

DevSecOps Issue

Summary

For a new sender coming aboard they'll need the ability to submit files via SFTP which will then trigger the report stream pipeline.

This test account https://portal.azure.com/#@cdc.onmicrosoft.com/resource/subscriptions/7d1e3999-6577-4cd5-b296-f518e5c8e677/resourceGroups/prime-data-hub-test/providers/Microsoft.Storage/storageAccounts/pdhtestsftpsubmit/overview was created as POC and should serve as a template for what needs to get setup.

The only piece that would be new is configuring proper ACL so a configured SFTP user is limited to a specific directory.

Environment

[ ] Local
[x] Dev
[x] Stage
[x] Prod

Priority

[ ] Critical - affecting prod systems
[x] Major - blocking major functionality, deployment, etc
[ ] Minor - improvements, bug fixes
[ ] Nice-to-have - feature request

Blocks the following

List any blockers
Link any Github relevant issues

Blocked by the following

Link to any tickets that add context, etc

Contact

Team: platform

Slack Team Channel:

Slack Contact (Full Name): Arnej

Technical Team Lead: Arnej

How to Reproduce

Screenshots, links, etc. for context

How to Test

Definition of Done

[ ]

Context Links

Git Repo:

Relevant Code Links:

Azure:

Site URL:

Other:

Notes

-

devopsmatt commented 1 week ago

Hi @mkalish I am trying to get this sorted out, but I do not have permissions to access the resource you've pointed to.
Also, once past the access restriction, I will need more detail around the Definition of Done.