docs: sync
timmeinerzhagen authored Dec 4, 2023
1 parent a6e637c commit 138cd49
Showing 2 changed files with 12 additions and 1 deletion.
4 changes: 3 additions & 1 deletion README.md
Expand Up @@ -7,6 +7,8 @@ Want to set up user agnostic automation? Do you want to comply with credential r

## Deploy Terraform

> :warning: When running Autoken as an admin, make sure to familiarize yourself with the [Secure Operations for Autoken](docs/secure-operations.md) information.
Use the Terraform module to deploy Autoken to your AWS account. Provide your GitHub organization and Artifactory / SonarQube information as needed.

```
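Review bot: the `> :warning:` line is directly followed by "Use the Terraform module to deploy Autoken..." with no blank line between them, so Markdown's lazy continuation pulls that sentence into the blockquote and it renders as part of the warning rather than as the section's body text. Insert an empty line after the `> :warning: ...` line so the warning stands alone; the relative link `docs/secure-operations.md` is correct from the repository-root README and matches the path fix in the next hunk.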
Expand Down Expand Up @@ -62,7 +64,7 @@ For every GitHub Repository, `bayer-group/terraform-aws-autoken` maintains a tra

## Architecture

See [the architecture documentation](architecture.md) for further information on how Autoken is set up.
See [the architecture documentation](docs/architecture.md) for further information on how Autoken is set up.

## Contributing

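Review bot: the link correction from `architecture.md` to `docs/architecture.md` is right, since the README lives at the repository root and the document is under `docs/`; the same root-relative convention is used by the new `docs/secure-operations.md` link in the previous hunk. Worth grepping the README once for any other bare `*.md` references to catch remaining links that would 404 the same way.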
9 changes: 9 additions & 0 deletions docs/secure-operations.md
@@ -0,0 +1,9 @@
# Secure Operations for Autoken

* **Understanding the Actor Behind a Request**: Autoken is triggered by non-human actors, making it challenging to trace back to a human actor. It's important to understand that the event triggering the pipeline can be tracked by GitHub, even if the responsible person can't be traced directly.
* **Proper Training**: Autoken relies on the administrators of the GitHub repository to secure access within their repository. Misconfigured repositories can lead to misuse of the identity used to authenticate through Autoken. Therefore, proper training and guidance are crucial to mitigate this risk.
* **Managing Critical Credentials**: Autoken holds highly critical admin credentials for the resources it interacts with. Leakage of these credentials can have a high impact. Therefore, these credentials should be monitored for abnormal behavior and updated promptly to avoid security breaches.
* **Preventing Information Leakage**: Autoken leaves traces behind in every resource it interacts with, potentially exposing which projects use Autoken for authentication. To mitigate this risk, error messages should be thoroughly cleaned, or boilerplate responses should be used.
* **Handling Dependencies on External Services**: Autoken's functionality depends on the availability of the brokered resource. The risk associated with the resource's availability can be transferred to those responsible for the given resource.
* **Dealing with Changes**: Autoken is highly reliant on the resources it interacts with. Drastic changes in these resources can lead to unforeseen side effects. Therefore, breaking changes should be closely observed and personnel should actively monitor news of changes in the used resources.
* **Managing 3rd Party Dependencies**: Autoken uses 3rd party dependencies in its code, which can have vulnerabilities. These vulnerabilities can potentially put the entire application at risk. Therefore, Software Composition Analysis (SCA) should be performed to identify the used 3rd party open-source dependencies and their versions, enabling developers to be alerted of newly published vulnerabilities and update dependencies in a timely manner.
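Review bot: the "Managing Critical Credentials" bullet names the highest-impact risk in this document (admin credentials for every brokered resource) but gives the operator nothing actionable: it does not say which credentials are meant, where they are held, what "abnormal behavior" looks like, or how often "updated promptly" is. Suggest one sentence each on the credential set (e.g. the GitHub, Artifactory and SonarQube secrets the README's Terraform module takes as input), the log source to watch for their use, and a rotation cadence. The same applies to "Understanding the Actor Behind a Request": it states that the triggering event "can be tracked by GitHub" but not where an admin should look, so pointing at the specific audit log or event record would make the bullet usable during an incident.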

0 comments on commit 138cd49