-
Notifications
You must be signed in to change notification settings - Fork 0
PHAC HC Shared Environment Model Notes
John Bain edited this page Apr 20, 2023
·
12 revisions
- Cant see user account ID's
- Difficult to manage users with out having access to Admin console
- Cant change user emails
- There is an opportunity for use to manage our own users, but access needs to be granted in the admin console
- Currently any Google ID can be invited into a project via IAM panel
- Hammer out what cloud profile posture we're at.
- Issue with the current deployment of guardrails. Permissions need to be delegated to enable editing of policies. Polciies are defined at the top of the organization.
- External IPs blocked
- Policy for "Skip default network creation". This is causing confusion.
- Cloud marketplace disabled
- GCP Workstations is blocked because its not available in Canada regions
- Users are able to create projects at the root of the org, this is default behavior
- Opportunity to implement various levels of JIT access
- https://cloud.google.com/architecture/manage-just-in-time-privileged-access-to-project
🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧
Under Development
- This wiki and the documents being developed under it are living documents.
- They are all pre-decisional.
- Some of these documents were generated using chatGPT or were developed by other organizations for reuse and adaptation.
- Some of the documents in this wiki are in early early drafts, they make reference to things that do no exist or to process not yet being used.
- The Center of practice(COP) is best effort and will be developed iteratively. This includes the technology supporting the COP
- At the early stages of the COP expect change; short life cycles and rapid changes. Plan accordingly.
- Stability in the COP will materialize over time.
- For immediate reference engage your COP support channel, use the documentation as a secondary source.
- There is reference to the COP and PDCP in the documentation, these are the same entity. We haven't picked a name yet :)
All of the pages in this wiki should be considered draft, underdevelopment and needing review. None of these pages are official documentation. All of the pages are a work in progress and discussion is encouraged via the GitHub issues mechanism.
🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧