Closed gary-fallon closed 1 year ago
This ticket is a child of the epic below which has the BIA, etc.: https://github.com/department-of-veterans-affairs/va.gov-team/issues/53055
@alyssagallion For diagram updating can you work w/ Jesse House who is the PM and Kyle Matheny?
Started a group chat on Slack with @jhouse-solvd and @ph-One
Assigning this ticket to @jhouse-solvd per our Slack conversation and meeting today.
I added my team label (+infrastructure) to show up in our ZenHub workspace. I'm taking a look at this tonight to review and add some details about what diagrams are needed to satisfy the system description.
I've got some time set aside tomorrow as well. The plan is to provide @alyssagallion and the team with estimates tomorrow.
A few notes [WIP]:
This issue has been rated as a 5 (following the guidance here).
FYSA, I’m OOO tomorrow and Friday (2/23,24) and will work on this upon my return.
We have a good understanding of the scope and details to include. Now we need a few hours to update (or create) diagrams:
Thanks to all who have helped get the info together. If you’re interested, there are notes and to-dos in my personal Confluence space.
I'm working on this now and plan to have updated diagrams to share by EOD.
I have an updated diagram showing application (Vets-API) infrastructure and another showing external connections. When Gary has time, I'd like to review these with him to ensure they depict the necessary level of detail.
I'll begin working on the remote access and CI/CD diagrams today.
Note: This work will carry over into the next sprint.
I did a review of diagrams w/ Kyle Matheny this morning. He provided feedback and clarified some technical details that would be good to represent. Gary and I will also be meeting later today to review. He'll likely have feedback as well.
I'll add notes to this issue later today or tomorrow.
The external services connections relate to #53885
@Gary-fallon Is the architecture diagram finalized now
@fowusu2 No, @jhouse-solvd is still working on the architecture diagram.
The external connections diagram has been prioritized due to its relation to #53885.
I met w/ Joe Niquette and Gary Fallon and have updated the external connections diagram based on their feedback.
I scheduled time for tomorrow afternoon to make changes needed to provide additional clarity around where various backend services are hosted, e.g.
I'm working on this now. I plan to have an updated diagram to share in the next couple of hours.
Please also see the recent comment here for useful context.
@gary-fallon - Regarding the updates to the diagrams per yesterday's discussion:
I shared the diagram in DSVA Slack to get your feedback. Please let me know if you'd like to discuss this tomorrow or the next.
@jhouse-solvd can you please include CMS as part of the AWS architecture diagram? Thank you.
Per Gary's previous request, I'm working on adding CMS to the infrastructure architecture diagram now.
@jhouse-solvd can you please share whatever diagrams you are currently working on?
I will be drafting the BIA and ISCP based on a new definition of the FISMA authorization boundary that includes all VFS applications.
I'll unassign this issue for now and follow up if I have questions. Thank you!
@gary-fallon - Do you still want me to include CMS components on the infrastructure architecture diagram? I met w/ one of their DevOps engineers this morning to inquire about details.
I'm heading into a Team of Teams meeting right now but I will export and share these diagrams as soon as I'm finished.
@jhouse-solvd yes, please finish up whatever you were working on first. Thank you!
@gary-fallon - I sent you the following diagrams in DSVA Slack:
If you’d like, I can attach them to the issue as well, as long as there are no concerns about the sensitivity of security-related info.
Pending feedback on these diagrams, I’m happy to finish the a) CI/CD, b) remote access, and c) observability and monitoring diagrams. But I understand that those might not be as high priority as other work.
Please let me know how I can best support upcoming deadlines. :pray:
I reviewed the diagrams provided by @jhouse-solvd.
During our Gap Analysis, we realized that the System Security Plan (SSP) was incorrect. We have since updated it, presented it to the ISSO and Ray Wang is now reviewing the associated tickets he needs to approve. Once those are reviewed and approved, @ScottCutlip will continue the work on SSP.
SSP is the dependency. Until approved, all BIA work is on hold.
@jhouse-solvd Can you also add points to this ticket? We are trying to get an accurate Burndown Report. Thanks!
@alyssagallion - The Epic has 3 stories, each of which are 3 points, making the epic total 9. We could also point the epic, but it will skew the points higher (ie epic + stories).
Let me know what you'd like to do! :)
The most recent architecture diagram has been included in the BIA.
Please see the parent epic for future updates.
Closing.
Description
The Architecture Diagram referenced in the BIA and used in eMASS requires additional information to be added.
Tasks
The following tasks must be reviewed and completed as necessary.
Acceptance
The following tasks must be completed before this issue can be considered done.