As operators, we need to communicate cloud.gov status post deprecation of StatusPage

[pburkholder]

As operators of cloud.gov, we need to communicate in with our customers about incidents in near-real time, and provide the opportunity to be alerted when incidents occur.

As business stewards of cloud.gov, we need to communicate with prospective customers about our uptime record, and our history of how we handle incidents (e.g the Jan 2018 cloud.gov outage).

Since at least August 2015, both those needs have been fulfilled by StatusPage at https://cloudgov.statuspage.io.

GSA IT is not renewing the ATO for StatusPage as Atlassian is not going to go through the FedRAMP accreditation. The current P-Card purchase for cloud.gov usage expires 2020-01-12.

Before then we need to determine:

• Whether we can extend use of StatusPage as a social media service, not an ATO'd government system
• Failing that, what other service could provide:
  • incident alerting
  • historical uptime
  • incident history
• Migrate those services, as feasible, to the new service.

[pburkholder]

SSP status: StatusPage in 9.2 is declared out-of-boundary. We refer to statuspage in

• IR-5
• IR-7

[pburkholder]

Since StatusPage is in our SSP to satisfy IR7(1), then perhaps we can't simply call it social media and go on our way. We may need to set up a email list for cloud-gov-incidents (through GovDelivery) or Google Groups for business with public-facing pages https://support.google.com/a/answer/167097?hl=en . If we do this to satisfy IR-7(1) then we can use StatusPage and Twitter as advisory social media services.

[pburkholder]

Tracking with Tech Portfolio folks at: https://github.com/18F/tts-tech-portfolio/issues/224

[hillaryj]

Tech Portfolio folks have updated that StatusPage hasn't been responsive to even going through the LISaas (Low Impact SaaS) process, so we'll still need to transition off.

:lock: TTS Tech Portfolio Discussion Notes

[karareinsel]

@pburkholder is there an update on what cloud.gov needs to do since StatusPage is going to be sunsetted?

[pburkholder]

We are working with TTS Tech Portfolio on a replacement, then we'll need to export all our past incidents and history.

On Mon, Feb 10, 2020 at 12:17 PM Kara Reinsel notifications@github.com wrote:

@pburkholder https://github.com/pburkholder is there an update on what cloud.gov needs to do since StatusPage is going to be sunsetted?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/18F/cg-product/issues/1174?email_source=notifications&email_token=AAJHWCVZSK6F6ARFROZ4E2TRCGD2DA5CNFSM4J3NNCS2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOELJK64Q#issuecomment-584232818, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAJHWCVGHVHPM7NIWPBI4ZLRCGD2DANCNFSM4J3NNCSQ .

--

Peter Burkholder cloud.gov compliance & security | co-lead DevOps Community of Practice https://digital.gov/communities/devops/

Solutions https://www.gsa.gov/about-us/organization/federal-acquisition-service/technology-transformation-services/tts-solutions | Technology Transformation Services https://join.tts.gsa.gov/tts-offices/

|

GSA http://www.gsa.gov/portal/category/100000

202-709-2028 <(202)%20209-2028> | peter.burkholder@gsa.gov peter.burkholder@gsa.gov

| pronouns he-him https://www.mypronouns.org/he-him Free/Busy Calendar https://calendar.google.com/calendar/embed?src=peter.burkholder@gsa.gov

[pburkholder]

We're keeping StatusPage \o/ !

[kennethredler]

@pburkholder happy for you...are you able to share any part of the decision process you undertook to arrive at this decision. Would love to understand whether a similar path might be taken in other contexts.

[pburkholder]

@kennethredler The hard work was undertaken by the TTS infrastructure operations team including @its-a-lisa-at-work and @afeld -- maybe they can comment on the path taken, as I can't seem to track down the details myself in GEAR or from the TTS SaaS tracker.

Thanks for your message. We always have this tension between which issues we keep public and which we manage as private issues. This kind of comment shows the value of keeping our work in the public.

[afeld]

@kennethredler The short answer is that it went through GSA's Low-Impact Software as a Service (LISaaS) process.