Open jennb33 opened 7 months ago
Ideas: Global rate limiting? Anything we can do to migrate existing code to use encrypted attributes Audit the manifests to ensure sensitive values are stored appropriately Review breakers config - is the 50% default threshold good for all services?
Issue Description
As the Platform Product Team, We need a better inventory of our tools, versions and features that are used, So that we can better manage and report on what is used and how
Since the initial deployment of various tools and software in our stack back in 2018, there have been continuous development and upgrades in these technologies. However, a methodical review to leverage new feature sets introduced in subsequent releases has been lacking. This gap in our process has potentially led to missed opportunities for enhancing our systems' efficiency, security, and performance.
A prime example of this situation is Redis (ElastiCache), which despite being upgraded, may not fully utilize features introduced in newer versions such as Cluster mode - which would allow for high availability via automatic failover and replication. This scenario could very likely extend to other components of our stack, such as Postgres, among others. Additionally, the absence of historical documentation on decision-making processes further complicates our ability to assess historical decisions.
We are also being asked by @tayism for a 'cheat sheet' list of the tools, services, or processes your team owns or manages so that Oddball and AdHoc knows who to notify when pointed feedback comes in.
Examples include:
Please document all findings for the tool from the audit in this Google document
SBOM - software bill of materials?
Tasks
Success Metrics
Acceptance Criteria