2021 Q4

Legal Documents2021 Q42021 Q4

Audit date: 14 January 2022

Category Activity Scope Status of the internal audit
Product Development Environment Product Team Workstations
  • Updated Virus Protection
  • Full Disk Encrytion
  • No unauthorized access

Product Team Workstations

We have validated the notebooks of all of our 17 product team members.
Source Code Management System
  • Login access is restricted only to authorized persons
  • Only minimal permissions are granted
  • No unauthorized access

Bitbucket Cloud - META-INF

Source code management and Build system to store and build the code of our applications.

Permissions

  • Admin : Can create, delete repositories and modify repository settings.
  • Write : Can push and merge source code modifications and trigger manual build pipelines.
  • Read : Can pull source code, read build logs and pull requests.

Repository1

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    7 Software Developer
    1 CEO

Repository2

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    7 Software Developer
    1 CEO

Repository3

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    7 Software Developer
    1 CEO

Repository4

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    7 Software Developer
    1 CEO

Repository5

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    7 Software Developer
    1 CEO

Repository6

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    7 Software Developer
    1 CEO

Repository7

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    7 Software Developer
    1 CEO

Repository8

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    7 Software Developer
    2 Test Engineer
    1 Technical Account
    1 CEO

Repository9

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    7 Software Developer
    2 Test Engineer
    1 CEO

Repository10

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    7 Software Developer
    2 Test Engineer
    1 CEO

Repository11

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    7 Software Developer
    2 Test Engineer
    1 CEO

Repository12

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    11 Software Developer ( 4 Contractor )
    2 Test Engineer
    1 CEO

Repository13

  • Admin
    1 DevOps Engineer
    2 Product Owner
  • Write
    1 DevOps Engineer
    7 Software Developer
    2 Test Engineer
    1 CEO
Artifact Management System
  • Login access is restricted only to authorized persons
  • Only minimal permissions are granted
  • No unauthorized access

Jfrog Artifactory

Artifact management system to store the build logs and artifacts of your application.

Permissions

  • Admin : Can create, delete repositories and modify repository settings.
  • Write : Can upload, delete, overwrite (in snapshot repositories) artifacts.
  • Read : Can list, download artifacts.

Repository1

  • Admin
    1 DevOps Engineer
  • Write
    1 Technical Account
  • Read
    1 DevOps Engineer
    7 Software Developer
    2 Test Engineer
    1 Product Owner

Repository2

  • Admin
    1 DevOps Engineer
  • Write
    1 Technical Account
  • Read
    1 DevOps Engineer
    7 Software Developer
    2 Test Engineer
    1 Product Owner
Staging Environment AWS Staging Environment
  • Cloud Console access is restricted only to authorized persons
  • SSH access is protected by keys and MFA
  • Database access is possible only from the internal network
  • Kubernetes access is possible only from the internal network
  • Only minimal permissions are granted
  • No unauthorized access

AWS Stage

Separated AWS Account for the Stage resources.

Permissions

  • StageAdmins : Can list, create, delete, modify AWS resources.
  • StageContainerImageAdmins : Can list, create, delete, modify (in snapshot repositories) Docker images.
  • StageContainerImageReaders : Can list Docker images.
  • StageDeployers : an list, create, delete, modify Kubernetes resources and list Docker images.
  • InfraBackup : Can list, create, delete, modify items in the Backup S3 Bucket.
  • StageEticmaTechUsers : Can list, create, delete, modify ETICMA app related resources w/o MFA.
  • StageEticmaUsers : Can list, create, delete, modify ETICMA app related resources.
  • StageAdmins
    2 DevOps Engineer
    3 Infrastructure Engineer ( 3 Contractor )
    1 Software Developer
  • StageContainerImageAdmins
    1 Technical Account
  • StageContainerImageReaders
    1 Technical Account
  • StageDeployers
    2 Software Developer
  • InfraBackup
    1 Technical Account
  • StageEticmaTechUsers
    1 Technical Account
  • StageEticmaUsers
    3 Software Developer ( 3 Contractor )
    2 Test Engineer
    1 Product Owner

AWS Stage Bastion

EC2 instance to access the Stage internal network and databases.

Permissions

  • Root : Can administer Linux OS.
  • User : Can log in and access the internal network of the Staging environment.
  • Root
    1 DevOps Engineer
    2 Infrastructure Engineer ( 2 Contractor )
  • User
    1 Infrastructure Engineer ( 1 Contractor )
    3 Software Developer
    1 Technical Account
Production Environment AWS Production Environment
  • Cloud Console access is restricted only to authorized persons
  • SSH access is protected by keys and MFA
  • Database access is possible only from the internal network
  • Kubernetes access is possible only from the internal network
  • Only minimal permissions are granted
  • No unauthorized access

AWS Prod

Separated AWS Account for the Prod resources.

Permissions

  • Admins : Can list, create, delete, modify AWS resources.
  • BillingAdmins : Can view billing details, costs, invoices.
  • ContainerImageAdmins : Can list, create, delete, modify Docker images.
  • Deployers : an list, create, delete, modify Kubernetes resources and list Docker images.
  • Admins
    1 DevOps Engineer
    2 Infrastructure Engineer ( 2 Contractor )
    1 Software Developer
  • BillingAdmins
    1 DevOps Engineer
  • ContainerImageAdmins
    1 Technical Account
  • Deployers
    2 Software Developer

AWS Prod Bastion

EC2 instance to access the Prod internal network and databases.

Permissions

  • Root : Can administer Linux OS.
  • User : Can log in and access the internal network of the Production environment.
  • Root
    1 DevOps Engineer
    2 Infrastructure Engineer ( 2 Contractor )
  • User
    3 Software Developer
    1 Technical Account
Log Analysis and Monitoring Datadog Loggin and Monitoring System
  • Login access is restricted only to authorized persons
  • Only minimal permissions are granted
  • No unauthorized access

Datadog

Log management and monitoring tool for our staging and production applications.

Permissions

  • Admin : Can administer all resources. Can not delete logs.
  • Write : Can read, create, delete, modify monitors, dashboards. Can read logs.
  • Read : Can read monitors, dashboards, logs.
  • Admin
    1 DevOps Engineer
    1 Software Developer
    1 Technical Account
  • Write
    1 DevOps Engineer
    1 Software Developer
  • Read
    2 Infrastructure Engineer ( 2 Contractor )
    5 Software Developer
    2 Test Engineer
    3 Support Agent
    2 Product Owner
    1 CEO

In-depth expertise, knowledge transfer and Atlassian apps from the highest-level Atlassian partner.

Solutions
ITSM
Jira Audit
Cloud Migration
Enterprise Service Management
Services
Atlassian Consulting
Atlassian Licenses
Atlassian Training
Atlassian Support
Email This Issue Services
Apps
Email This Issue for Jira
Glass Documentation for Jira
Content Exporter for Confluence
Advanced Content Navigator for Confluence
About META-INF
Meet the team
Partner Program
Let's Partner Up
Career
Contact

© 2007 - 2025 META-INF, Atlassian Platinum Solution Enterprise Partner & Platinum Marketplace Partner. All rights reserved.

Privacy Policy