Closed SimonPPledger closed 3 months ago
I did not use the Admin role for this ticket because it's impossible to expand its JSON policy and see the full list of permissions; the most I could do was to compare missing services.
Ended up using the IAM policy spike document. I added some create, update and delete permissions to the Modernisation Platform Engineering role, which was previously read-only.
The role has some of the permissions which are contained in,
Can be closed with caveat - this is OK for now, but the management location of the MP engineering roles will be revisited in the future, when the MP team takes over the management of the SSO roles/permission set for the whole org.
https://github.com/ministryofjustice/aws-root-account/pull/959
This looks good to me. Happy to move it to done.
User Story
Following on from the NCSC review: AWS accounts hosting the Modernisation Platform are accessed using standard issue MoJ devices. The security posture of these devices was not discussed; however, if these devices render untrusted content through on-device internet browsing or email access, they could be at a higher risk of compromise. Due to this, using a standard issue MoJ device for Administrators and Developers could present an undue risk to the Modernisation Platform and the services it hosts.

Risk: An attacker could gain unauthorised access to code and production environments in the event that an MoJ device accessing these environments is compromised. This could lead to loss or modification of sensitive data and/or unauthorised access to services hosted in the Modernisation Platform.

Recommendation: Ensure all configuration changes to the Modernisation Platform are performed in code rather than manually in the console.

This ticket is to change the Mod Platform engineer role to allow some of the less risky 'admin' changes (i.e. so that these have to be done via code).
Value / Purpose
This reduces the risk outlined by NCSC.
Useful Contacts
No response
Additional Information
n/a
Definition of Done