modernisation-platform
Ensure credentials unused for 45 days or greater are disabled
User Story
As a security engineer, I want to ensure credentials unused for 45 days or greater are disabled, to reduce the likelihood that they are exploited.
https://docs.google.com/document/d/1ZOrGgOjApNo61SD2WAqAJgQScC7feoqP/edit
User Type(s)
Security engineer
Value
Reduce risk around unused credentials
Questions / Assumptions / Hypothesis
This is currently monitored in Security Hub, but we could add something to security baselines to enforce this. The credentials in the platform now are IAM users, member CI/CD users and the testing user.
Definition of done
- [ ] credentials unused for 45 days or greater are disabled
- [ ] readme has been updated
- [ ] user docs have been updated
- [ ] another team member has reviewed
- [ ] tests are green
- [ ] UR test OR added to continual research plan
Reference
This issue is stale because it has been open 90 days with no activity.
Completed with: https://github.com/ministryofjustice/modernisation-platform/blob/main/.github/workflows/collaborator-inactivity-monitoring.yml#L19 and https://github.com/ministryofjustice/modernisation-platform/blob/main/.github/workflows/superadmin-access-key-monitoring.yml