Skip to main content
Last updated: 21 Nov 2024

Rules for getting production access

In the GOV.UK programme we restrict access to production systems for new or returning developers, SREs, and technical architects. We do so to defend against accidental mistakes and to provide time for people build knowledge in how to interact with our production systems safely. Note we have separate processes to protect against malicious activity, for example security clearance, probation, building secure systems with audibility etc.

Types of production access

We have two types of production access:

  1. Production Deploy access
  2. Production Admin access

We have a spreadsheet documenting the full list of permissions for both access levels.

Production Deploy access

This level of access allows engineers to deploy code but not administer admin related systems. Access includes:

  • Permission to deploy apps via the GOV.UK Production Deploy Github team
  • Permission to merge pull requests in continuously deployed applications
  • Read-only access to logging systems such as Logit, etc.
  • Read-only access to dashboards in staging and production, such as the Argo CD web UI.
  • AWS readonly access via the role_user_user_arns role in Staging and Production
  • “Normal” role in to GOV.UK Signon on Staging and Production (with app permissions granted as needed)

The steps above are outlined in the GOV.UK Production Deploy template Trello card, which can be copied to your team’s board and carried out by developers. You can ask Platform Engineering for help if you have any access issues.

When you get Production Deploy access

Access can be granted to both civil servants and contractors as needed, at the discretion of a “sponsor”: either the engineer’s (civil servant) tech lead, or a GOV.UK Senior Tech member.

Before approving access, the sponsor should ensure that the engineer:

To grant access, the sponsor should follow the steps in the “GOV.UK Production Deploy” access template card.

Note that a technologist apprentice is limited to Production Deploy access. However, if they are confident and want to take on an in-hours technical on-call shift as a Secondary, they can follow the Production Admin access steps (at their Line Manager’s discretion).

Production Admin access

Gives:

When you get Production Admin access

To grant access, the senior tech person should follow the steps in the “GOV.UK Production Admin” access template card.

Production Admin learning objectives

A new starter/engineer will be expected to work through the following checklist in order to ‘qualify’ for production admin access:

  • The different parts of the GOV.UK technical stack (CDN, frontends, publishing apps, etc). E.g. by attending an “Introduction to GOV.UK Technical Architecture” session (or watching the recording).
  • The deployment pipeline - how code gets from your machine to running on production. E.g. by reading the deployment docs, and learning on the job.
  • The incident management process. E.g. by reading through the So, you’re having an incident doc and completing the incident preparedness quizzes.
  • Best practices around the principle of least privilege, how to safely debug production issues, and how to work with credentials and accounts. E.g. by pairing with another developer to practise a drill on your product team.

Temporarily revoking access

If you’re absent more than 6 weeks, your access should be revoked.