Separate S3 bucket for public assets

[r-bartlett-gsa]

User Story

As a security officer, in order to maintain appropriate levels of security for maint8ianing and processing CUI, I would like store public challenge assets and controlled/sensitive information in separate S3 buckets.

Acceptance criteria:

• [ ] Public challenge assets are separated into a separate S3 bucket
• [ ] All challenge information and data remains accessible publicly

Definition of Done

Doing (dev team)

• [ ] Code complete
• [ ] Code is organized appropriately
• [ ] Any known trade offs are documented in the associated GH issue
• [ ] Code is documented, modules, shared functions, etc.
• [ ] Automated testing has been added or updated in response to changes in this PR
• [ ] The feature is smoke tested to confirm it meets requirements
• [ ] Database changes have been peer reviewed for index changes and performance bottlenecks
• [ ] PR that changes or adds UI
  • [ ] include a screenshot of the WAVE report for the altered pages
  • [ ] Confirm changes were validated for mobile responsiveness
• [ ] PR approved / Peer reviewed

• [ ] Move card to testing column in the board

  Testing (dev team)

• [ ] Security scans passed
• [ ] Automate accessibility tests passed
• [ ] Build process and deployment is automated and repeatable
• [ ] Feature toggles if appropriate
• [ ] Deploy to staging

Staging

• [ ] Accessibility tested (Marni)
  • [ ] Keyboard navigation
  • [ ] Focus confirmed
  • [ ] Color contrast compliance
  • [ ] Screen reader testing
• [ ] Usability testing: mobile and desktop (Tracy or Marni)
• [ ] Cross browser testing (tool to be determined) (Tracy or Marni)
  • [ ] UI rendering is performant
• [ ] AC review (Renata)
• [ ] Deploy to production (production-like environment for eval capability) (dev team)

• [ ] Move to production column in the board

  Production

• [ ] User and security documentation has been reviewed for necessary updates (Renata and Michelle)
• [ ] PO / PM approved (Jarah or Renata)
• [ ] AC is met and it works as expected (Jarah or Renata)
• [ ] Move to done column in the board (Jarah or Renata)

[r-bartlett-gsa]

Additional information: https://docs.google.com/document/d/1T3xsithi-FjW5nuG7u6n9obH-tqwMnXhoNuSYHPaZIg/edit?usp=sharing