Engineering Security Realm

Maintained by:

Overview

This realm is for the engineering security team to deploy shared and team-specific infrastructure resources.

Future Iteration with Engineering Infrastructure Handbook Pages

The Engineering Infrastructure Environments handbook page is the current SSOT for environments. As the WIP initiative to iterate on our company-wide infrastructure standards evolves, the Engineering Infrastructure pages will be refactored incrementally as the standards are documented, implemented, and changes to environments take place.

Access requests

To request access to a group, please see group access request tutorial.

For email authenticity security reasons, only GitLab issues or Slack messages to owners or counterparts are allowed for infrastructure requests.

Realm Owners

Name	GitLab.com Handle	Group Role	Job Title
Paul Harrison	`pharrison`	Owner	Staff Security Engineer
Kyle Smith	`kyletsmith`	Counterpart	Security Manager
Jan Urbanc	`jurbanc`	Counterpart	Director, Security Operations
Laurence Bierner	`laurence.bierner`	Counterpart	Director, Application Security

Realm labels and tags

The global labels/tags and realm labels/tags should be applied to each resource.

Realm Groups

Each gl_dept_group has a shared GCP project and/or AWS account for group members.

If a group has not been implemented yet, please contact the realm owner for assistance. After a group is implemented, a separate handbook page is created with usage documentation.

Group Name (AWS Account/GCP Project Name)	Usage Documentation (Empty cells are not implemented yet)
`eng-security-shared-infra`
`eng-security-shared-services`
`eng-security-ops-red`
`eng-security-ops-incident-response`
`eng-security-ops-trust-safety`
`eng-security-risk-compliance`
`eng-security-eng-app-sec`
`eng-security-eng-automation`
`eng-security-eng-research`

Usage guidelines

This is a placeholder for the realm owner to provide instructions on best practices and usage guidelines for this infrastructure.