This repository is home to the Operations Engineering's tools and utilities for managing, monitoring, and optimising software development processes at the Ministry of Justice. • This repository is defined and managed in Terraform
As a member of the operations engineering team,
I want to organise and secure the GitHub personal access tokens in the moj-operations-engineering-bot account,
so that we can reduce risks, improve clarity, and align with best practices in token management. Furthermore, I want to explore ways of storing and managing secrets so they can be automatically regenerated on a schedule or when required.
Value
Properly managing these tokens will significantly reduce security risks by limiting their scope and improving their traceability. It will also streamline our processes by creating a clear and efficient method for future token creation and management.
Functional Requirements:
[ ] Explore the integration with the Cloud Platform's secrets-manager for secure storage and management of tokens
Non-Functional Requirements:
Acceptance Criteria:
[ ] Document and provide recommendations with respect to Cloud Platform's secrets-manager integration.
User Need
As a member of the operations engineering team, I want to organise and secure the GitHub personal access tokens in the moj-operations-engineering-bot account, so that we can reduce risks, improve clarity, and align with best practices in token management. Furthermore, I want to explore ways of storing and managing secrets so they can be automatically regenerated on a schedule or when required.
Value
Properly managing these tokens will significantly reduce security risks by limiting their scope and improving their traceability. It will also streamline our processes by creating a clear and efficient method for future token creation and management.
Functional Requirements:
Non-Functional Requirements:
Acceptance Criteria:
Notes: