Administrative access#
See the Deploy documentation for access to self-hosted services.
If a service is down, check its status page:
Note
If you are a consultant, do not use or create your own organizational accounts on services like Fixer, Prerender, Docker Hub, etc. All organizational accounts must be owned by OCP.
Airtable#
There should be a minimum of two Owners from OCP only.
Amazon Web Services#
There should be a minimum of two IAM users in the administrators group from OCP only. The root user should not be used.
GitHub#
There should be a minimum of two owners from OCP. Owners do not need to be added to teams.
Tip
Use the org:owners task to check the configuration.
See also
Google#
Admin#
There should be a minimum of two Super Admin users from OCP only.
Less secure apps is set to “Allow users to manage their access to less secure apps” for the open-contracting.org domain, and Allow less secure apps is set to “ON” for the data@open-contracting.org user, so that Redmine can fetch mail.
Analytics#
Use Fathom instead.
Cloud Platform#
Note
Use Amazon Web Services, unless an application requires access to Google-exclusive services like Google Drive.
There should be a minimum of two Organization Administrator users from OCP only.
Periodically review all projects. To view a project’s history, click its Activity tab. To view a project’s resources, click its Dashboard tab. Projects include:
Library (two storage buckets)
Pelican (IAM user)
Website Search (API key)
Drive#
All users with access to this folder should belong to OCP only.
Groups#
There should be a minimum of two Owner members from OCP only.
PyPI#
For each package owned by the opencontracting user, there should be a minimum of two Owner users from OCP, including opencontracting
.
Only users who are reasonably expected to upload releases should have the Maintainer role.
If a third-party organization maintains a package, there can be one user from that organization with the Owner role to add maintainers (e.g. OpenDataServices
).
ReadTheDocs#
There should be a minimum of two users with the Maintainer role from OCP.
Third-party maintainers of PyPI packages can be added to the package’s associated ReadTheDocs project, including organizational accounts (e.g. opendataservices
).
Sentry#
There should be a minimum of two members with the Owner role and one member with the Billing role from OCP.
Third-party developers can be added with the Admin or Member role to organization-specific teams for specific projects.
Transifex#
There should be a minimum of two Administrators users from OCP only.
If we reach our collaborator limit, manage collaborators, removing those who were last seen more than 9 months ago.