Open NellySSJ opened 2 months ago
stevebowring
commented
1 month ago Split ticket to
Dev env will always be whitelist - we can Test OpenId on the DEv env - if happy move to other environments.
Test and Live can be fulfilled by OpenID - once TechServices come back to Naresh - Data Solutions to support implementation
Website will be without any IP restriction - however backend will have strong restriction.
NellySSJ
commented
1 month ago Data Solutions have the list of Zero Trust iBoss service IP addresses that need adding into the AWS environment ACLs. This should resolve the issues with Test and Live. They will need to confirm once deployed.
NellySSJ
commented
2 weeks ago Robert confirmed that these were applied. Need to monitor whether we (NHSE not external users) run into issues still. Highlight to Data Solutions if this is still an issue and they will liaise with IT and escalate where necessary.
Currently, users have to add their IP to white list in order to connect to the Mauro instance. As all users IP are dynamic, this IP addresses need to be updated regularly on the AWS host.
There need to be a permanent solution to enable users to access Mauro without whitelisting. This could be resolved by making Mauro available on public internet with OpenID setup for authentication.