Users with OFA Admin and (STT) Data Analyst roles can upload data on upload data files locally into the web application which will store the files in cloud.gov AWS S3 buckets only after the files are successfully scanned for viruses via ClamAV. For lower environments, we use an NGINX server to function as a proxy, routing to the ClamAV-rest server in the production space. The NGINX server also functions as a gatekeeper, allowing documents for scanning to only come from backend servers, and only able to route them directly to the ClamAV-rest server.
Developers will deploy new code through GitHub, initiating the continuous integration process through Circle CI.
Production, Staging, and Dev spaces provide users with access to a shared location for app development, deployment, and maintenance. The frontend and backend application in each environment is scoped to a space. Roles provide access control for these resources and each space role applies only to a particular space. Developer access to the Dev space does not permit access to Production. Development and Staging environments will not contain any PII.
All web users will log into the system through their web browsers. An Nginx server sits in front of each frontend application to serve the frontend application as well as act as a reverse proxy which blocks traffic to TDP from outside the US/US territories. For traffic within the US/US territories:
- all non-acf users will leverage Login.gov and two factor authentication.
- all ACF users will leverage ACF AMS and authenticate using PIV/CAC. Developers will also have access to the
devandstagingspaces using SSH.
All users will be required to be approved within the application by an administrator.
Beyond web-based authentication through ACF AMS or Login.gov, and developer SSH access to the dev Space, CircleCI will also have access to the various environments to support deployments. TDP system administrators will trigger CircleCI-based deployments via GitHub.
Additionally, the SendGrid E-mail API receives requests from the backend applications in each environment to trigger email notifications for key user activities in TDP: requests for access, admin changes to user accounts (approval, denial, deactivation), and data submissions. SendGrid only has access to TDP user email addresses.
Application configuration will be handled by environment variables stored securely within cloud.gov.