Security

Access to GitHub and deployment environments

All GitHub accounts with access to island-is need to have two-factor authentication (2FA) enabled. This is enforced at the organization level.

Gaining write access to the codebase and AWS

To join one of the teams at the GitHub organization island-is, one of the Delivery Managers needs to request that in the Slack channel #organizational-access-changes. After approval from a representative of Stafrænt Ísland, the GitHub account will be added.

Team members leaving

When a team member is no longer working for Stafrænt Ísland, the Delivery Manager whose team the member belonged to, needs to announce that on Slack channel #organizational-access-changes. DevOps team will revoke the team member's account access to the GitHub org and AWS accounts.

Periodic review of team members

Every month DevOps team will remind the Delivery Managers to review the list of team members that have access to GitHub. In case Delivery Managers discover team members that are no longer working for Stafrænt Ísland, they need to notify DevOps team on Slack channel #organizational-access-changes.