We would love help hardening our infrastructure, but given the sensitive nature of this project, the work is currently being done in a private repository. Rather than tracking issues through tickets, work will be described here.
You can find some more general information about our current infrastructure here.
Please reach out to us on the chat if you want to help!
By the end of the impl period, we should:
Recruit an InfoSec team to advise on security practices.
Have dedicated production and developer environments to reduce attack surfaces and accidents.
Document and educate the infrastructure team on secure processes.
Open work items
Finish setting up the dev environment.
Encode the production environment.
Encode crates.io’s infrastructure in code.
Encode crater’s infrastructure in code.
Move crater into the dev environment.
Encode play.rust-lang.org into code.
Audit and isolate play from the rest of the infrastructure.
Consider moving to ECS
Review and remove where possible any roles delegated to play infrastructure
Review and audit any infrastructure that produces binary builds
Set up offline backups for the crates ecosystem.
Identify all the secrets used in the infrastructure.
Audit access and permissions in all the cloud infrastructure.
AWS Specific: Apply privileges to individual accounts with IAM Roles (leverages STS)
AWS Specific: Discuss practices for root account access with root account holder
Rotate the secrets for good measure, and set up rotation to happen on a regular schedule.
Set up Datadog monitoring to monitor the health of the infrastructure.
Document how to onboard and offboard access.
Investigate auditing solutions.
AWS Specific: CloudTrail
rate and size limits - all public APIs for crates.io should have rate and size limits, to avoid denial-of-service attacks and