bagg3rs
commented
2 years ago Created request for new dist list for github machine account. RITM0985272
Closed bagg3rs closed 2 years ago
bagg3rs
commented
2 years ago Created request for new dist list for github machine account. RITM0985272
bagg3rs
commented
2 years ago Changed GitHub Machine Account to use cloudops shared mailbox
bagg3rs
commented
2 years ago Replacing Parameter Store entry with the updated token. https://github.com/ministryofjustice/staff-device-shared-services-infrastructure/blob/639f45e6be2c31ba23fdf7516821646a06d866e0/modules/ci-pipeline/main.tf#L139
github-actions[bot]
commented
2 years ago CNSA-66 created on Jira board and transitioned to Done
@bagg3rs commented on Thu May 19 2022
User Story
As a CloudOps Engineer I need to update our GitHub token So that it conforms to the new security standards
Value / Purpose
To understand more about this change and why it's important, visit https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats.
Useful Contacts
RB
Additional Information
// details of the account in LastPass.
Hi @staff-infrastructure-moj,
We noticed your personal access token, MoJ Official AWS Shared Services CodePipelines, has an outdated format and was used to access the GitHub API on May 19th, 2022 at 17:14 (UTC) with a user-agent header of AWS CodePipeline.
We recently updated the format of our API authentication tokens, providing additional security benefits to all our customers.
In order to benefit from this new format, please regenerate your personal access token, MoJ Official AWS Shared Services CodePipelines, using the button below.
Regenerate your personal access token
To understand more about this change and why it's important, visit https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats.
We encourage you to reset your other authentication tokens as well, or revoke any that are no longer needed. This applies to integrations (such as OAuth Apps and GitHub Apps) as well as personal access tokens. For more information on reviewing your authorized integrations, refer to https://docs.github.com/github/authenticating-to-github/reviewing-your-authorized-integrations.
Thanks, The GitHub Team
Definition of Done