You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As an organization that runs a trusted digital repository, I want to ensure that files can't be deleted by unauthorized users, and can't easily be deleted accidentally. However, on 30 September 2024 the team learned that our checksum files had been deleted. They were deleted more than 30 days ago, so we cannot restore them. We do not have any record of who deleted them or why, and we have no reason to think this can't happen again. Also, if this can happen to our checksum files, we think it could also happen to actual research data.
Acceptance criteria
Investigate and document what AWS user owns the files right now, and what ACLs are attached to those files
Is it currently the case that any PUL AWS user could delete PUL files?
If so, what ACLs should we be putting into place to ensure that only authorized users can delete files?
Document all of this and give it to Kate
The text was updated successfully, but these errors were encountered:
The owner of all of the other files I checked is also aws-0003
Since all files have the same owner, and that owner can read and write their own files, I believe that anyone who can authenticate to the pulibrary AWS account can delete PDC files or buckets.
To fix this, we need to set permissions policy at the bucket level. Currently, there is no ACL policy in place.
User story
As an organization that runs a trusted digital repository, I want to ensure that files can't be deleted by unauthorized users, and can't easily be deleted accidentally. However, on 30 September 2024 the team learned that our checksum files had been deleted. They were deleted more than 30 days ago, so we cannot restore them. We do not have any record of who deleted them or why, and we have no reason to think this can't happen again. Also, if this can happen to our checksum files, we think it could also happen to actual research data.
Acceptance criteria
The text was updated successfully, but these errors were encountered: