How is the runner secure?

Last updated: February 3, 2026

QUESTION

How is the runner secure?

ANSWER

Roles & Permissions

The runner uses a separate IAM role for each type of job: provision, de-provision, maintenance, and break glass (for emergency repair).

  • Provision and de-provision roles require the highest permissions since they create and destroy cloud resources.

  • The maintenance role can be less permissive since it only updates specific components or runs actions (scripts).

The software vendor defines these roles as part of the app configuration — so the roles and permissions are not defined by Nuon.

Break glass roles are enabled in CloudFormation by the customer and can be referenced in your action (scripts) configurations. These roles provide temporary elevated access to the software vendor for emergency situations or critical deployments.

Shut Down the Runner

The customer can also scale the ASG to 0, which shuts down the EC2 VM hosting the runner and prevents the vendor from running any jobs on the customer install. When maintenance is needed, the customer can scale the ASG back up.
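The shutdown and restore steps above can be scripted with the AWS CLI. This is an added example, not Nuon's own tooling; the ASG name argument is a placeholder and the restore size of 1 is an assumption.

```shell
#!/bin/sh
# Added example (not Nuon's code). The ASG name passed in is a placeholder;
# use the runner ASG from your own install's CloudFormation stack.

# Stop the runner. min-size must drop to 0 as well, otherwise the API
# rejects a desired capacity below the group's minimum.
runner_stop() {
  aws autoscaling update-auto-scaling-group \
    --auto-scaling-group-name "$1" \
    --min-size 0 --desired-capacity 0
}

# Number of instances still attached to the group (any lifecycle state).
runner_instance_count() {
  aws autoscaling describe-auto-scaling-groups \
    --auto-scaling-group-names "$1" \
    --query 'length(AutoScalingGroups[].Instances[])' --output text
}

# Poll until the group is empty; return 1 if instances remain after all tries.
runner_wait_stopped() {
  asg="$1"; tries="${2:-30}"; delay="${3:-10}"
  while [ "$tries" -gt 0 ]; do
    [ "$(runner_instance_count "$asg")" = "0" ] && return 0
    tries=$((tries - 1))
    sleep "$delay"
  done
  return 1
}

# Bring the runner back for a maintenance window. Size 1 is an assumption
# (a single runner VM); max-size is left untouched.
runner_start() {
  aws autoscaling update-auto-scaling-group \
    --auto-scaling-group-name "$1" \
    --min-size 1 --desired-capacity 1
}

# CLI entry point: ./runner-asg.sh stop|start <asg-name>
if [ "$#" -eq 2 ]; then
  case "$1" in
    stop)  runner_stop "$2" && runner_wait_stopped "$2" ;;
    start) runner_start "$2" ;;
    *)     echo "usage: $0 stop|start <asg-name>" >&2; exit 2 ;;
  esac
fi
```

Waiting for the instance count to reach 0 confirms the runner VM is actually gone rather than still terminating.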
