openstack-manuals

Adding Security Checklist in Security Guide

Bug #1342993 reported by Priti Desai on 2014-07-16

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	openstack-manuals	Fix Released	Medium	Priti Desai	openstack-manuals liberty

Bug Description

Add security checklist in the Openstack security guide. We have sample checklist which was created few months ago by reviewing security guide.

The best practice would be to build such checklist dynamically when the guide is updated, otherwise they might go out of date pretty quickly.

Contact Andreas Jaeger for docbook support of dynamic content generation.

Tags:

Revision history for this message

Priti Desai (priti-desai) wrote on 2014-07-16:

openstack-security-checklist.xlsx Edit (185.2 KiB, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet)

Changed in openstack-manuals:
assignee:	nobody → Priti Desai (priti-desai)

Bryan D. Payne (bdpayne) on 2014-07-16

Changed in openstack-manuals:
status:	New → Confirmed
importance:	Undecided → Medium

Revision history for this message

Bryan D. Payne (bdpayne) wrote on 2015-01-28:

Priti, are you still planning to do this or should we un-assign it?

Revision history for this message

Priti Desai (priti-desai) wrote on 2015-02-06:

Hi Bryan,

I had chat with Andreas on this topic during summit in Paris. Andreas suggested me few options on how to incorporate such checklist into each chapter. I will have a checklist for one chapter created and send it your way for review.

Cheers
Priti

Bryan D. Payne (bdpayne) on 2015-02-18

Changed in openstack-manuals:
importance:	Medium → High

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-02-18: Fix proposed to security-doc (master)

Fix proposed to branch: master
Review: https://review.openstack.org/157164

Changed in openstack-manuals:
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-16: Fix merged to security-doc (master)

Reviewed: https://review.openstack.org/157164
Committed: https://git.openstack.org/cgit/openstack/security-doc/commit/?id=48eaddf6752180199df1273fe80e774ff6bbec24
Submitter: Jenkins
Branch: master

commit 48eaddf6752180199df1273fe80e774ff6bbec24
Author: Priti Desai <email address hidden>
Date: Wed Feb 18 11:40:47 2015 -0800

Adding Security Checklist

    Adding seperate section for checklists. This is an initial
    commit to get feedback on the format. Starting with checklist
    on Keystone (identity).

Change-Id: If36e99aae03f35775e9df665f7a204580717f5a2
Partial-Bug: #1342993

Revision history for this message

Christian Berendt (berendt) wrote on 2015-04-23:

Priti, further commits are needed here or can we mark this bug report as comleted?

Changed in openstack-manuals:
importance:	High → Medium

Revision history for this message

N Dillon (sicarie) wrote on 2015-05-22:

Priti - please confirm, however I believe there will be more further commits, with the goal being one per chapter.

Tom Fifield (fifieldt) on 2015-06-11

Changed in openstack-manuals:
milestone:	none → liberty

Revision history for this message

Priti Desai (priti-desai) wrote on 2015-09-17:

We need more commits, expecting one for Nova, Swift, Cinder, Glance, Neutron, Horizon, Ceilometer, and Heat.

Now with RST adding such checklist is very easy, starting to resume working on this.

Cheers
Priti

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-09-18: Fix proposed to security-doc (master)

Fix proposed to branch: master
Review: https://review.openstack.org/225291

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-09-30: Fix merged to security-doc (master)

#10

Reviewed: https://review.openstack.org/225291
Committed: https://git.openstack.org/cgit/openstack/security-doc/commit/?id=1b89c359899755396a61480cb2a86e24b9c0736d
Submitter: Jenkins
Branch: master

commit 1b89c359899755396a61480cb2a86e24b9c0736d
Author: Priti Desai <email address hidden>
Date: Fri Sep 18 12:36:14 2015 -0700

Adding Security Checklist

    Adding seperate section on Compute checklists.
    Added bunch of checklist on how to harden configuration files
    and set certain configuration keys for secured communication.

Change-Id: I726060a45a1a2af084a0ef284e88da6486bff758
Partial-Bug: #1342993

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-01: Fix proposed to security-doc (master)

#11

Fix proposed to branch: master
Review: https://review.openstack.org/230138

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-05: Fix merged to security-doc (master)

#12

Reviewed: https://review.openstack.org/230138
Committed: https://git.openstack.org/cgit/openstack/security-doc/commit/?id=5964683e20803a3aea0186ecdc4217be37db769a
Submitter: Jenkins
Branch: master

commit 5964683e20803a3aea0186ecdc4217be37db769a
Author: Priti Desai <email address hidden>
Date: Thu Oct 1 13:54:15 2015 -0700

Adding Security Checklist

    Adding separate section on Block Storage checklists.
    Added bunch of checks on how to harden configuration files
    and set certain configuration keys for secured communication.

Change-Id: I7d48b36aa2b1b59729ff09c96aa52afc5eac2cbe
Partial-Bug: #1342993

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-30: Fix proposed to security-doc (master)

#13

Fix proposed to branch: master
Review: https://review.openstack.org/240370

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-11-11: Fix merged to security-doc (master)

#14

Reviewed: https://review.openstack.org/240370
Committed: https://git.openstack.org/cgit/openstack/security-doc/commit/?id=3e74088675249a3eb1da9e9cc4d42326b89a4358
Submitter: Jenkins
Branch: master

commit 3e74088675249a3eb1da9e9cc4d42326b89a4358
Author: Priti Desai <email address hidden>
Date: Fri Oct 30 10:52:32 2015 +0900

Adding Security Checklist

    Adding separate section on Horizon checklists.
    Added bunch of checks on how to harden configuration files
    and set certain configuration keys for secured communication.

Change-Id: I67e8eca6acd8f3263ddc7a8f4a730a3bf271ff06
Partial-Bug: #1342993

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-11-13:

#15

Reviewed: https://review.openstack.org/240385
Committed: https://git.openstack.org/cgit/openstack/security-doc/commit/?id=16b28336a3013322176d3abd6beaec2fa45bc966
Submitter: Jenkins
Branch: master

commit 16b28336a3013322176d3abd6beaec2fa45bc966
Author: Priti Desai <email address hidden>
Date: Fri Oct 30 11:35:18 2015 +0900

Adding Security Checklist

    Adding separate section on Neutron checklists.
    Added bunch of checks on how to harden configuration files
    and set certain configuration keys for secured communication.

Partial-Bug: #1342993
Change-Id: I8a336d57ee38d47d2b24f276a023dd16e109efd9

Revision history for this message

Priti Desai (priti-desai) wrote on 2015-11-16:

#16

As part of this feature, we have introduced checklist for most of the OpenStack core services:

http://docs.openstack.org/security-guide/identity/checklist.html
http://docs.openstack.org/security-guide/dashboard/checklist.html
http://docs.openstack.org/security-guide/compute/checklist.html
http://docs.openstack.org/security-guide/block-storage.html
http://docs.openstack.org/security-guide/shared-file-systems/checklist.html
http://docs.openstack.org/security-guide/networking/checklist.html