Access to staging is limited to GDS office IPs
During a recent security incident responders would have liked to be able to test
access limitations to certain paths on GOV.UK in the staging environment without
running the risk to re-expose sensitive data.
In order to ensure this, the decision to limit access to our staging environment to GDS office IPs was made in the incident review.
We have documented the changes made to the firewall rules in the 6DG/Carrenza vDirector environment in the (private) govuk-provisioning repository.
Access to the staging frontends hosted in AWS is protected by the security group (SG) associated with the external cache load balancer (Link requires AWS Console access).