Create New "Security Department" Top-Level Folder in GCP
The Security Department would like to have a fresh start in the GitLab.com GCP organization:
- Create the below folder structure, dev & live subfolders, and initial projects with terraform, in a new repo
Stretch Goal: Provide access for a
Security Department/owner's group to manage projects within the
GCP Resource Hierarchy
Provide a list of data and the corresponding classification that will be used in this project and how it will be accessed.
Group Project Access Checklist
Make sure the following criteria is met and understood by the project administrator.
- If the gitlab.com database is copied, that data has been processed by the pseudonymization script.
- Regular security updates are applied to all nodes in the project.
- Unused instances will be removed in a timely manner
- The Project Administrator is responsible for any users or additional administrators that they add to the project
- The Project Administrator is responsible for justifying any cloud spend within the project.
- Group Projects are intended for development, test, or demo work. Everything in these projects is considered temporary.
Create a new branch that is not the same as the group name and is less than 25 characters long. For example,
Create file in https://ops.gitlab.net/gitlab-com/group-projects named
environments/(group name from above).tfvarsby copying an existing file and changing the Administrator and Group Name variables
Once the pipeline succeeds, review the changes are correct and stop the review by activating the
- Merge the change to master
Create a branch from master named
(group name from above)and push
- Verify that the pipeline completed successfully at https://ops.gitlab.net/gitlab-com/group-projects/pipelines
(Optional) If the group does not start with
gitlab-qa-*k, add the newly created branch as a protected branch.