3rd party account management registration for Discord
Categories
(Cloud Services :: Security, task)
Tracking
(Not tracked)
People
(Reporter: couci, Assigned: u429623)
Details
(Whiteboard: [foxsec-IM-sam:tbd])
We are using the 3rd party service Discord, which requires accounts on their system for administration and/or usage of the service. Per the standard this bug identifies the accountable individuals for the service and the accounts:
Service Owner: kpapadea@mozilla.com
Service Account Manager: STAFF_LDAP (optional, defaults to owner)
This service is integrated with Mozilla IAM: NO
This service uses durable access keys assigned to individuals: NO
(If IAM is "yes", AND durable keys is "no", you are done. Please submit this bug as is.)
Because this service does not integrate with Mozilla IAM, we have established our own procedure as follows:
Responsible Director: bborrman@mozilla.com and iudom@mozilla.com
Service Account Manager Delegates: STAFF_LDAPS (optional)
URL to mana page with account management procedure: URL Example Procedure
A list of current users and durable access keys is maintained at: FILL_IN_ANSWER
Reporter | ||
Comment 1•2 years ago
|
||
We haven't opened the server yet, opening this bug for visibility.
MDN and Hubs also have their own servers. This is part of the Responsible AI challenge, so we would like to have the server up and running by the 30th.
We will of course take care of setting everything up, just wanted to notify the security team we are doing this.
Not sure if any other approvals are needed.
For more context here is the bug from MDN and Hubs: https://bugzilla.mozilla.org/show_bug.cgi?id=1771665
Reporter | ||
Comment 2•2 years ago
|
||
Adding Hal here in case we need to do anything else before we open the server
Oops - I have to update the standards doc to point to the new location of the example
As you'll see, it's pretty straightforward. Feel free to ping hwine in slack with questions.
Updated•2 years ago
|
Description
•