hmcts / roadmap-platform-operations


PostgreSQL Excessive Administrator Accounts #2309

Open madjava opened 1 week ago

madjava commented 1 week ago

DTSPO-19155

Summary

A recent ITHC was performed against Juror and it was found that the DTS Platform Operations group had admin access to the postgres database, i.e. people can connect to the database via pgsql with admin access; this is not the same as having access to the resource in Azure. The group has our day-to-day accounts in it, so if our accounts get compromised, they can be used to connect to these databases.

The proposition is that we should remove such access as it is excessive and unnecessary. If we require access at any point, we can use PIM to add ourselves to the group that has permission to request the access package, e.g. DTS Juror Admin (env:production).

This would require removing the code from the module that adds the Platform Operations groups to every flexible server.

New group for PlatOps PostgreSQL Admin access - move the Entra ID Admins over to that group and set that group up for access packages for users in DTS Platform Operations / SC.

Issue comms to service teams so they know to expect the change in Entra ID Admins once we're happy that it works & has been merged into the PostgreSQL flexible module.

Intended Outcome

Improves security as fewer people have admin access all the time.

Impact on Teams

No impact