DA Meeting 2021-11-10

Please submit any additional items for consideration as replies to this topic.

Current items:

Minutes:

  • Lewis demonstrated the state diagram for the updated pipelines

  • Paul: Revisiting RBAC design

    • breakout session in the week
    • not much overlap between ref arch and the Business Ops Framework
    • reducing the scope of the RBAC design - decided not to implement the Security BC with adapter/anti corruption layer
    • PB noted that it’s unfortunate that we don’t have the resources to do this
  • The RBAC design solves a different problem than what the Security BC does in the reference arch

  • PB noted that when we have the ability, we should strive to go just a bit beyond requirements to solve problems in a reference arch-aligned way

Extensions to current design:

  • enforcing segregating of duty - users can only have 1 permission
  • talked through the lifecycle of roles

Feedback from the DA

  • PB: Opportunity of aligning this with the ref arch, and doing a little bit more
    • Concerned that this is too coupled to the technology choice
    • Put down that this is a tactical decision based on our requirements