Before you start
Before you start the onboarding process, review and get prepared:
- Make sure you and your team have the recommended knowledge and skills to use the platform
- Get an overview of our service and the important things to consider when working in the public cloud with the B.C. government
- Identify a Ministry Information Security Officer (MISO) and a Ministry Privacy Officer (MPO). These individuals will be responsible for reviewing and approving your project privacy and security assessments (PIA and STRA), and for providing support for any additional PIAs and STRAs you require while working in the public cloud. You cannot onboard to the public cloud without identifying security and privacy contacts
Step 1: Architectural review and onboarding session
If your team is new in the public cloud, the first step is submitting an email and we will schedule a meeting with your team. Be prepared to answer questions about:
- Your team
- Why you want to use the public cloud
- Which public cloud service provider you want to onboard with
- Your team’s familiarity with working in the cloud
This session prepares you to work in the public cloud, walks you through a practice application deployment and is an opportunity for you to ask us questions.
The onboarding session includes an overview of:
- The cloud service environment and B.C. government landing zone
- Working within the B.C. government’s security and privacy guardrails
- Shared responsibilities of your team, our team and service providers while working in the public cloud
- The tools and services available in the public cloud
- How to login and control access to your accounts
- Sample applications with reusable code you can use
Step 2: Sign the MoU
In the onboarding session we will determine your level of readiness to onboard to the public cloud.
If we determine you’re ready to onboard, the next step is signing a Memorandum of Understanding (MoU).
The MoU contract outlines your commitment to pay for your use of public cloud services, as well as any additional fees associated with using these services. The MoU details those fees and how they should be paid. It must be signed by your ministry and the Expense Authority within your team’s business area.
Once we’ve confirmed your readiness for the public cloud, we’ll send you an MoU by email. Once signed, email us your MoU back.
If we determine you’re not prepared, we’ll :
- Ask additional questions to help us determine if you’re ready
- Outline the prerequisites you’re missing to be able to onboard, and recommend ways to fulfill them
- Recommend another cloud service, if your use case is not appropriate for the public cloud
Step 3: Understand shared responsibilities
When you choose to host your data and applications with support from the Public Cloud Accelerator team, you agree to a shared responsibility model between your team, our team and any of the available public cloud service providers.
Product team responsibilities
We do not provide support for activities such as building, deploying or monitoring your applications. You’re responsible for:
- Building, deploying and maintaining your applications
- Managing your code and backup
- Managing and monitoring application data
- Monitoring your resource, service use and costs
- Communicating with your public cloud service provider to address issues with the service
- Handle Identity and Access management for your applications to ensure appropriate permissions
- Ensure your applications meet security and privacy standards through the completion of STRAs and PIAs, coordinated through your MISO and MPO
- Maintain your application specific network configuration to maintain security in your applications
- Build and maintain a Disaster Recovery Plan (DRP) for your applications
- Integrate your applications with platform tools
- Integrate your applications with other B.C. government services and common components like Pathfinder Single Sign-On, if needed
- Paying for your use of public cloud services
Public Cloud Accelerator team responsibilities
We’re responsible for:
- Acquiring and managing public cloud service contracts for the B.C. government
- Managing billing for all product teams
- Supporting onboarding and off-boarding processes
- Communicating important service updates
- Developing security and privacy guardrails for B.C. government landing zones to ensure security and compliance
- Developing automation for self-serve user access management in the landing zones
- Preparing and maintaining STRA/PIA for the B.C. government landing zones in the public cloud
- Preparing and maintaining Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) for the B.C. government landing zones in the public cloud
- Provision new accounts and projects
- Managing communication channels in Rocket.Chat and answering public cloud hosting questions in Stack Overflow
- Developing technical documentation and resources
- Maintaining a catalogue of public cloud services
Public cloud service provider responsibilities
Service providers are not responsible for the availability and security of your applications and data. They provide:
- Service availability and support
- Tools for you to monitor and report on the resources you use
- Data center operations and infrastructure
- Cost monitoring and invoicing
- Computer, storage and network availability of their service
- Security and privacy of the infrastructure, platforms and software they manage
- Compliance with industry standards including FedRAMP; EU/US Privacy Shield;
ISO 9001, 27001, 27017, 27018
To understand service provider responsibilities that may vary for your specific use case, refer to your service provider’s shared responsibilities documentation:
Step 4: Provision a project set
Your project set is your workspace in the public cloud. It includes 4 accounts for development, testing, production and tools. At present we’re unable to accommodate requests for custom project sets.
Once you’ve completed the onboarding session and signed an MoU, you must submit a product provisioning request through the Platform Product Registry self-service online tool to let us know you want to provision a project.
Once your provisioning request has been approved by the Product Owner for Public Cloud, you will receive an email with the details on how you can access your team’s accounts in the public cloud.
Discover more information about the Platform Product Registry.
Step 5: Additional accounts and tools
We don’t require you to use any specific tools to support your work in the public cloud. However, we use the following tools for collaboration and communications in the public cloud community of teams: GitHub, Rocket.Chat and Stack Overflow.
GitHub is a hosting platform for building, deploying and maintaining open-source projects. It provides tools for project management, collaborative development, issue tracking, team administration, automation and more.
Teams in the B.C. government can create and manage their documentation and code in the B.C. government’s GitHub organization “bcgov.” To access the “bcgov” organization and contribute to repositories, including your own, you must have a GitHub account with two-factor authentication enabled.
Accounts can be added to the “bcgov” organization in GitHub by any existing “bcgov” organization member. You can create a GitHub account at any time.
Rocket.Chat is a communication tool we use to engage with product teams working in the public cloud. You can use it to contact us and interact with teams working in the public cloud, get support and find solutions to common problems.
If you’re having trouble accessing Rocket.Chat, contact us.
Requirements to join Rocket.Chat
In order to join the B.C. Government Rocket.Chat platform, you must have either:
- An active IDIR account
- A GitHub account with membership in the B.C. government organization on GitHub
Join Rocket.Chat with IDIR
To log in to Rocket.Chat using your IDIR, follow these steps:
- Go to the Rocket.Chat login page and click Login
- On the next page, click IDIR
- Use your IDIR username and password to log in, and click Continue
- On the next screen, you may be asked to verify some of your contact information. Review the information and make sure it is accurate. If the information is correct, click Continue. If any information is incorrect, click Edit and update your information. When you’re done, click Continue
- We’ll send a verification email to the email address you provided in your contact information. Follow the steps in the email to verify your email address
- Once you have verified your email address, you’re ready to start using Rocket.Chat
If you have problems logging in to Rocket.Chat, please check that you have an email address associated with your IDIR account. If your IDIR does not have an email address associated with it, contact 7-7000.
Join Rocket.Chat with a GitHub account
To log in to Rocket.Chat using your GitHub account, follow the steps listed above for logging in with an IDIR. In Step 2, click GitHub and use your GitHub username and password to log in.
Your GitHub account must be a member of the B.C. government organization on GitHub
How to check if you’re a member of the B.C. government organization on GitHub
To find out if your GitHub account is a member of B.C. government, follow these steps:
- Log in to GitHub and click on your account icon in the top right corner. From the drop-down menu, select Your organizations
- On the Your organizations page, you will see a list of all the organizations you have been added to. If bcgov is in the list, you can use your GitHub account to join Rocket.Chat
If you’re setting up an account for someone on your team, you can find their GitHub profile using this URL:(https://github.com/team-members-GitHub-username) Insert team member’s GitHub username at the end of the URL. If they are not a member of B.C. government you can invite them to join.
Stack Overflow is a community-based group for developers, supported by developers within the B.C. government, who are working on projects across the B.C. public service.
The Government of B.C. Stack Overflow group is a private space. You can ask and answer questions and support your colleagues in the B.C. government developer community.