Security

[vickimcfadden]

To establish production URL

• [x] Give cloud.gov a heads-up when we're going live (after getting domain name)
• [x] Cloud.gov will reach out to security and ask them to scan (could take 2 weeks)
• [x] Cloud.gov will enable domain

ATU (Authority to Use)

• [x] Fill out form / google doc
• [x] Configure our repo to cloud.gov pages best practices
• [x] Submit the doc to TTS Ops (John Jediny) that we have made change to our repo (could take 1 week)

[jfredrickson5]

Submitted PR to add this repo to GSA's GitHub security policy enforcement: https://github.com/GSA/.allstar/pull/9

[vickimcfadden]

@mark-meyer @jfredrickson5 follow up with John tomorrow to figure out what the process steps are

[jfredrickson5]

Submitted ATU document.

[jfredrickson5]

Added a new ATU checklist item to this card based on the new form we have to submit for the web manager.

[jfredrickson5]

For "Configure our repo to cloud.gov pages best practices", we only have one item left to implement, signed commits. Holding off on that one until we're sure all our previously unsigned commits are merged.

[vickimcfadden]

ATU form is still under development. Created a new card to do this for post MVP

[klohman]

@ekidenda @PowderD @smteague This one should be done. We created a new issue to track the ATU.

[ekidenda]

Okay, moving this to done per the notes by @klohman above. New issue ticket reviewed.