Database Access
Who can request access
Only the product developer can approve and request access.
When can access be granted
Access to databases is granted only when the request is approved and documented by product developer.
How to request access
-
Product developer creates a Jira ticket in Cloud Computing | Board
Jira ticket must include:
- Full name of the person who needs access
- Database name
- Required access level (read / write)
- Duration (if temporary)
- Clear business justification
-
The access will be implemented and documented via a pull request on Github: Database Accesses by a developer from the development team or someone from Cloud team.
-
Team Cloud approves/rejects pull request after reviewing both code and access document.
Sensitive databases
For databases that contain one or more of the following:
- Personal data
- Confidential information
- Financial data
- Archived data
Access must be time-restricted and granted only for the periods required to perform error correction or necessary maintenance.
All SQL code executed for write operations must be retained and committed to:
Github: Database Accesses
How to find personal database user credentials
After a pull request is approved, a new secret will be created in AWS Secrets Manager in the relevant AWS account.
The secret name follows this format:
<username>_db_user
From the AWS Console, this secret is accessible only to that user and contains the database credentials:
- Username
- Password
Note
Database user passwords are rotated automatically every month.
Removal of access
Access must be removed:
- When a developer leaves
- When responsibilities change
- When access is no longer required
Removal is requested via Jira by product developer, similar process to access request.
Key Principles
- No shared database users for production environments
- Least privilege
- Documented business need and access history
- Annual access review