2024 Q1

Legal Documents2024 Q12024 Q1

Audit dátuma: 2024.04.29.

Audit date: 29 April 2024

CategoryActivityScopeStatus of the internal audit
Product Development EnvironmentProduct Team Workstations
  • Updated Virus Protection
  • Full Disk Encrytion
  • No unauthorized access

Product Team Workstations

We have validated the notebooks of all of our 32 product team members.

Source Code Management System
  • Login access is restricted only to authorized persons
  • Only minimal permissions are granted
  • No unauthorized access

Bitbucket Cloud - META-INF

Source code management and Build system to store and build the code of our applications.

Permissions

  • Admin: Can create, delete repositories and modify repository settings.
  • Write: Can push and merge source code modifications and trigger manual build pipelines.
  • Read: Can pull source code, read build logs and pull requests.

Repository1

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    11 Software Developer
    2 Support Agent
    1 CEO

Repository2

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    11 Software Developer
    2 Support Agent
    1 CEO

Repository3

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    11 Software Developer
    2 Support Agent
    1 CEO

Repository4

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    11 Software Developer
    2 Support Agent
    1 CEO

Repository5

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    11 Software Developer
    2 Support Agent
    1 Technical Account
    1 CEO
  • Read
    3 Test Engineer

Repository6

  • Admin
    1 DevOps Engineer
    3 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    9 Software Developer
    3 Test Engineer
    2 Support Agent
    1 CEO

Repository7

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    11 Software Developer
    2 Support Agent
    1 CEO

Repository8

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    14 Software Developer ( 3 Contractor )
    3 Test Engineer
    2 Support Agent
    1 Technical Account
    1 CEO
  • Read
    1 Software Developer ( 1 Contractor )
    1 Support Agent

Repository9

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    14 Software Developer ( 3 Contractor )
    3 Test Engineer
    2 Support Agent
    1 Technical Account
    1 CEO

Repository10

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    11 Software Developer
    3 Test Engineer
    2 Support Agent
    1 Technical Account
    1 CEO

Repository11

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    11 Software Developer
    3 Test Engineer
    2 Support Agent
    1 Technical Account
    1 CEO

Repository12

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    11 Software Developer
    3 Test Engineer
    2 Support Agent
    1 Technical Account
    1 CEO

Repository13

  • Admin
    1 DevOps Engineer
    1 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    11 Software Developer
    3 Test Engineer
    2 Support Agent
    1 Technical Account
    1 CEO

Repository14

  • Admin
    1 DevOps Engineer
    3 Software Developer
    2 Product Owner
    2 Technical Account
  • Write
    9 Software Developer
    3 Test Engineer
    2 Support Agent
    1 CEO

Artifact Management System
  • Login access is restricted only to authorized persons
  • Only minimal permissions are granted
  • No unauthorized access

Jfrog Artifactory

Artifact management system to store the build logs and artifacts of your application.

Permissions

  • Admin: Can create, delete repositories and modify repository settings.
  • Write: Can upload, delete, overwrite (in snapshot repositories) artifacts.
  • Read: Can list, download artifacts.

Repository1

  • Admin
    1 DevOps Engineer
  • Write
    1 Technical Account
  • Read
    11 Software Developer
    3 Test Engineer
    1 Product Owner

Repository2

  • Admin
    1 DevOps Engineer
  • Write
    1 Technical Account
  • Read
    11 Software Developer
    3 Test Engineer
    1 Product Owner

Staging EnvironmentAWS Staging Environment
  • Cloud Console access is restricted only to authorized persons
  • SSH access is protected by keys and MFA
  • Database access is possible only from the internal network
  • Kubernetes access is possible only from the internal network
  • Only minimal permissions are granted
  • No unauthorized access

AWS Stage

Separated AWS Account for the Stage resources.

Permissions

  • StageAdmins: Can list, create, delete, modify AWS resources.
  • StageFTT: Can list, create, delete, modify AWS resources relted to Atlassian Forge Apps.
  • StageContainerImageAdmins: Can list, create, delete, modify (in snapshot repositories) Docker images.
  • StageContainerImageReaders: Can list Docker images.
  • StageSupport: an list, create, delete, modify Kubernetes resources and list Docker images.
  • InfraBackup: Can list, create, delete, modify items in the Backup S3 Bucket.
  • StageEticmaTechUsers: Can list, create, delete, modify ETICMA app related resources w/o MFA.

  • StageAdmins
    1 DevOps Engineer
    3 Infrastructure Engineer ( 3 Contractor )
    1 Software Developer
  • StageFTT
    3 Software Developer
    1 Product Owner
  • StageContainerImageAdmins
    1 Technical Account
  • StageContainerImageReaders
    1 Technical Account
  • StageSupport
    3 Software Developer
  • InfraBackup
    1 Technical Account
  • StageEticmaTechUsers
    1 Technical Account

AWS Stage Bastion

EC2 instance to access the Stage internal network and databases.

Permissions

  • Root: Can administer Linux OS.
  • User: Can log in and access the internal network of the Staging environment.

  • Root
    1 DevOps Engineer
    3 Infrastructure Engineer ( 3 Contractor )
    1 Software Developer
  • User
    3 Software Developer

Production EnvironmentAWS Production Environment
  • Cloud Console access is restricted only to authorized persons
  • SSH access is protected by keys and MFA
  • Database access is possible only from the internal network
  • Kubernetes access is possible only from the internal network
  • Only minimal permissions are granted
  • No unauthorized access

AWS Prod

Separated AWS Account for the Prod resources.

Permissions

  • Admins: Can list, create, delete, modify AWS resources.
  • FTT: Can list, create, delete, modify AWS resources relted to Atlassian Forge Apps.
  • BillingAdmins: Can view billing details, costs, invoices.
  • ContainerImageAdmins: Can list, create, delete, modify Docker images.
  • Support: an list, create, delete, modify Kubernetes resources and list Docker images.

  • Admins
    1 DevOps Engineer
    3 Infrastructure Engineer ( 3 Contractor )
    1 Software Developer
  • FTT
    3 Software Developer
    1 Product Owner
  • BillingAdmins
    1 DevOps Engineer
  • ContainerImageAdmins
    1 Technical Account
  • Support
    3 Software Developer

AWS Prod Bastion

EC2 instance to access the Prod internal network and databases.

Permissions

  • Root: Can administer Linux OS.
  • User: Can log in and access the internal network of the Production environment.

  • Root
    1 DevOps Engineer
    3 Infrastructure Engineer ( 3 Contractor )
    1 Software Developer
  • User
    3 Software Developer

Log Analysis and MonitoringDatadog Loggin and Monitoring System
  • Login access is restricted only to authorized persons
  • Only minimal permissions are granted
  • No unauthorized access

Datadog EU

Log management and monitoring tool for our staging and production applications.

Permissions

  • Admin: Can administer all resources. Can not delete logs.
  • Write: Can read, create, delete, modify monitors, dashboards. Can read logs.
  • Read: Can read monitors, dashboards, logs.
  • Billing: Can view billing details, and download invoices

  • Admin
    1 DevOps Engineer
    3 Infrastructure Engineer ( 3 Contractor )
    1 Software Developer
    1 Technical Account
  • Write
    4 Software Developer
    1 Atlassian Consultant
    1 Product Owner
  • Read
    6 Software Developer
    3 Test Engineer
    8 Support Agent
    1 Product Owner
    1 CEO
  • Billing
    1 Finance

Datadog US

Log management and monitoring tool for our staging and production applications.

Permissions

  • Admin: Can administer all resources. Can not delete logs.
  • Write: Can read, create, delete, modify monitors, dashboards. Can read logs.
  • Read: Can read monitors, dashboards, logs.
  • Billing: Can view billing details, and download invoices

  • Admin
    1 DevOps Engineer
    3 Infrastructure Engineer ( 3 Contractor )
    1 Software Developer
    1 Technical Account
  • Write
    4 Software Developer
    1 Atlassian Consultant
    1 Product Owner
  • Read
    6 Software Developer
    3 Test Engineer
    8 Support Agent
    1 Product Owner
    1 CEO
  • Billing
    1 Finance

In-depth expertise, knowledge transfer and Atlassian apps from the highest-level Atlassian partner.

Solutions
ITSM
Jira Audit
Cloud Migration
Enterprise Service Management
Services
Atlassian Consulting
Atlassian Licenses
Atlassian Training
Atlassian Support
Email This Issue Services
Apps
Email This Issue for Jira
Glass Documentation for Jira
Content Exporter for Confluence
Advanced Content Navigator for Confluence
About META-INF
Meet the team
Partner Program
Let's Partner Up
Career
Contact

© 2007 - 2025 META-INF, Atlassian Platinum Solution Enterprise Partner & Platinum Marketplace Partner. All rights reserved.

Privacy Policy