Closed jimduff-usds closed 3 years ago
Discuss Palo Alto firewall test / production plan.
Discuss if schema documentation in HTML will exist with the markup files (both at the same time). Looks to me that having both will be useful. Re: https://github.com/CDCgov/prime-data-hub/pull/985
Depending on the above, Sonar flags the HTML as duplicate code.
Need to coordinate changes to third party library versions to make sure they are updated in Gradle. If a change is merged then the current Gradle branch needs to be updates, and once the Gradle branch is merged then I could go back and merge from master and update the Gradle build file in that branch.
There are a lot of pull requests open.
Ron, It's not clear if this affects the WATERS to ReportStream interface
Joe Meree AI Architect DataRobot cell:703-967-4730 @.> @.
From: Ron Heft @.> Sent: Monday, May 3, 2021 10:36 AM To: CDCgov/prime-data-hub @.> Cc: Joe Meree @.>; Mention @.> Subject: Re: [CDCgov/prime-data-hub] Discussion items for May 3 Developer Sync (#986)
Discuss Palo Alto firewall test / production plan.
Scheduled test with Palo Alto team
We need to simulate SFTP / API traffic in Ron's Azure dev environment to validate the Palo Alto is functioning correctly
What do we need to do to prepare and when can we schedule this test
Roll out
All environments will need to be migrated to a new CDC-controlled VNET
Out existing resource groups will be okay
Migration is actually not too bad from a Terraform perspective, needs more planning to minimize outage window
Caveats
The new VNET will remove our VPN and I haven't asked yet, but I doubt we will get the firewall rules approved to allow VPN ingress
CDC's VPN choice is CyberArk and we should use it
Firewall rules are added by port / IP
This means every site we connect to will need a firewall rule request
Palo Alto team is commiting to a 1 week turnaround time or less on new firewall rules, we need to make this part of our onboarding process
If firewall rules become onerous, Palo Alto team is open to explore alternative processes for rule approval
You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com %2FCDCgov%2Fprime-data-hub%2Fissues%2F986%23issuecomment-831301579&data=04%7 C01%7C%7C08fc10e02cba4fa6f03e08d90e40d7ce%7C84df9e7fe9f640afb435aaaaaaaaaaaa %7C1%7C0%7C637556493924427840%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLC JQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=sxFeuBCkwrV3o3EpDl 8%2FZ1D95S7RnZcPlcWWi1Gn%2BXw%3D&reserved=0 , or unsubscribe https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com %2Fnotifications%2Funsubscribe-auth%2FAGGJNEJTNLU7S5HANL6BTADTL2YGXANCNFSM44 A4F4AQ&data=04%7C01%7C%7C08fc10e02cba4fa6f03e08d90e40d7ce%7C84df9e7fe9f640af b435aaaaaaaaaaaa%7C1%7C0%7C637556493924427840%7CUnknown%7CTWFpbGZsb3d8eyJWIj oiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Tl UcL6pyneXfoYkgmuX7TtkSfxRfPwv1lHj%2FaO67Jo4%3D&reserved=0 . https://github.com/notifications/beacon/AGGJNEPVOLAVOTKLQ77KX2DTL2YGXA5CNFS M44A4F4A2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOGGGKPSY .gif
@joemeree There is no impact to Waters.
@RickHawesUSDS @Mr0grog @mauricereeves @mry-usds @carlosfelix2 @ronaldheft-usds @joemeree @submit Agenda items as desired!