Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

Title

MongoDB Atlas Cloud - Database as a service

Use

Provides the persistent storage for all Voluntarily platform data for both dev, test and production instances.

Owner

Operations manager,

Location

https://cloud.mongodb.com

Cost

Currently (01-2020) Free Tier.

Billing

Admins

Andrew, Viv

MongoDB.Atlas is a cloud-hosted database as a service used by Voluntarily.nz

The management structure is:

Previous management structure:

Used for alpha deployment through 2019.

TODO: migrate alpha and beta data from original cluster to new one. placing new sign in creds in secure token.

voluntarily-mongo-cluster-test

Name

voluntarily-mongo-cluster-test

Version

4.2.2

Cluster Tier

M0 Sandbox ( free, no backup )

Region

AWS / Sydney (ap-southeast-2)

Type

Replica Set - 3 nodes

Limitations

https://docs.atlas.mongodb.com/reference/free-shared-limitations/

Access Whitelist

Open

admin user

vly-admin

client user

vly-client

readonly user

vly-client-readonly

voluntarily-mongo-cluster-prod

Name

voluntarily-mongo-cluster-prod

Version

  1. 2.2

Cluster Tier

To be created

Region

Type

Limitations

Access Whitelist

limit to AWS deployment network and Admin domain.

Access Control

Current status of accounts

Admin Permissions Process

To be given admin rights you must:

  • Be a technical employee of Voluntarily

  • or be a trusted and experienced, long term contributor we have met in person.

  • have MFA enabled on your IAM account

  • Password policy allows alpha only passphrases but must be 15 chars or more.

To allocate a new admin the ‘Operations Manager’ using the Organisation Admin Account role will add a new account for the person assigning the required permissions.

Revoking Permissions

Access will be revoked for a person:

  • No longer meeting the above requirements.

  • Not contributing a change to the platform for more than 12 months.

  • Any action causing malicious harm to the project/code base.

  • Any action breaking the code of conduct towards others.

  • Any illegal activity

Auditing Permissions and Changes

Asset protection and disaster recovery

Backup Process

Test environments run in free tier clusters and do not have automated backups. In order to preserve the data in alpha and beta run x/atlas/alpha-dump or x/atlas/beta-dump from time to time.

The production system will be built with an integral backup facility.

Risk of losing access to service

If a malicious third party gained access to the organisation admin credentials or was able to sign in as an org admin or project admin they would be in a position to:

  • copy all the data from the database

  • delete all the data

  • change permissions preventing access by other admins and the online platform

If we broke terms of use or failure to pay bills from the service provider we may be prevented from operating the database.

Impact of losing access to service

Loss of the database service would completely prevent the Voluntarily platform from being used.

Impact of a data breach

A data breach would have a significant reputational impact on PFCT and Voluntarily.

Recovery process

Recovery would require:

  • Establishing a new MongoDB instance on suitable infrastructure

  • Restoring the database from a backup

  • updating the deployments to use the new DB.

This could take up to 1 day assuming the backups are available and networks operating.

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.