modernisation-platform icon indicating copy to clipboard operation
modernisation-platform copied to clipboard

Published 20 hours ago verified publisher icon ministryofjustice

Monitor root user activity in MP accounts

Open richgreen-moj opened this issue 5 months ago • 1 comments

User Story

As a MP engineer I want to be alerted to when the AWS account root user is being used So that I know that it is only used for genuine purposes (and there are no security breaches)

Value / Purpose

This is a follow-on from #7437 which looked at alerting for admin role usage and more generally the NCSC recommendations on mitigating the risk of an attacker gaining unauthorised access to code and production environments.

It may need to be looked at after this more general ticket that investigates how we will be looking after the root account/codebase... https://github.com/ministryofjustice/modernisation-platform/issues/7824

Useful Contacts

No response

Additional Information

No response

Definition of Done

  • [ ] Identify best solution for alerting and where to alert
  • [ ] Deploy solution
  • [ ] Update documentation
  • [ ] Reviewed by another team member

richgreen-moj avatar Sep 02 '24 10:09 richgreen-moj