Onboard your team to public cloud hosting
Start hosting your data and applications in the public cloud. Learn how to onboard your team and provision your first project.
Before you start
Before you start the onboarding process, review and get prepared:
- Confirm that your team has the recommended knowledge and skills to use the platform
- Review our service overview and key considerations for working in the public cloud with the B.C. government
- Identify a Ministry Information Security Officer (MISO) and a Ministry Privacy Officer (MPO). These individuals review and approve your project’s privacy and security assessments (PIA and STRA) and support additional PIAs and STRAs as needed. You must identify security and privacy contacts before onboarding
Step 1: Architectural review and onboarding meeting
If your team is new in the public cloud, the first step is to schedule an onboarding meeting with your team. Be prepared to discuss:
- Your team’s purpose and goals for using the public cloud
- Your chosen public cloud service provider
- Your team’s experience with cloud environments
- Architecture design
- Security and privacy assessments
- Your designated Ministry Information Security Officer (MISO) and a Ministry Privacy Officer (MPO)
- Estimated costs in the public cloud
This meeting introduces you to the public cloud environment, walks you through a practice application deployment and provides an opportunity to ask questions.
The onboarding meeting covers:
- The cloud service environment and B.C. government landing zones
- How to work within the B.C. government’s security and privacy guardrails
- Shared responsibilities between your team, our team and service providers
- Available cloud service providers in the public cloud
- How to log in and manage access to your accounts
- An overview of sample applications with reusable code
If your team isn’t ready for the public cloud use, we’ll:
- Help you assess your readiness
- Outline the missing prerequisites and suggest ways to meet them
- Recommend alternative hosting services if your use case isn’t suitable for the public cloud
Step 2: Sign a Memorandum of Understanding (MoU)
After receiving your completed form, we’ll review it to determine your level of readiness to onboard to public cloud.
If we determine you’re ready to onboard, the next step is signing a Memorandum of Understanding (MoU).
If we determine you’re not prepared, we’ll set up a meeting to discuss your intake form. During this meeting, we may:
- Ask additional questions to help us determine if you’re ready
- Outline the prerequisites you’re missing to be able to onboard, and recommend ways to fulfill them
- Recommend another cloud service, if your use case is not appropriate for the public cloud
Step 3: Sign the MoU
The MoU contract outlines your commitment to pay for your use of public cloud services, as well as any additional fees associated with using these services. The MoU details those fees and how they should be paid. It must be signed by your ministry and the Expense Authority within your team’s business area.
Once we’ve confirmed your readiness for the public cloud, we’ll send you an MoU by email. Once signed, email us your MoU.
Step 4: Onboarding session
After signing the MoU, you’re ready for your onboarding session. This session prepares you to work in the public cloud, walks you through a practice application deployment and is an opportunity for you to ask us questions.
The onboarding session includes an overview of:
- The cloud service environment and B.C. government landing zone
- Working within the B.C. government’s security and privacy guardrails
- Shared responsibilities of your team, our team and service providers while working in the public cloud
- The tools and services available in the public cloud
- How to login and control access to your accounts
- Sample applications with reusable code you can use
Contact us to schedule your onboarding session.
Step 5: Understand shared responsibilities
When you choose to host your data and applications with support from the Public Cloud Accelerator team, you agree to a shared responsibility model between your team, our team and any of the available public cloud service providers.
Product team responsibilities
We do not provide support for activities such as building, deploying or monitoring your applications. You’re responsible for:
- Managing your applications and data
- Managing your code and backup
- Monitoring your resource, service use and costs
- Managing the security and privacy of your applications and data
- Monitoring and addressing issues with your applications and data
- Communicating with your public cloud service provider to address issues with the service
- A project-level STRA and PIA
- Integrating your application with other B.C. government services and common components like Pathfinder Single Sign-On, if needed
- Paying for your use of public cloud services
Public Cloud Accelerator team responsibilities
We’re responsible for:
- Acquiring and managing public cloud service contracts for the B.C. government
- Completing the required security and privacy assessments (STRA, PIA) for cloud service providers during procurement
- Managing billing for all product teams
- Developing security and privacy guardrails for B.C. government landing zones
- Supporting onboarding and off-boarding processes and communicating important service updates
- Securing product team access to public cloud service providers
- Provisioning new accounts and projects
- Managing communication channels in Rocket.Chat and answering public cloud hosting questions in Stack Overflow
- Developing technical documentation and resources
- Maintaining a catalogue of public cloud services
Public cloud service provider responsibilities
Service providers are not responsible for the availability and security of your applications and data. They provide:
- Service availability and support
- Tools for you to monitor and report on the resources you use
- Data center operations and infrastructure
- Cost monitoring and invoicing
- Computer, storage and network availability of their service
- Security and privacy of the infrastructure, platforms and software they manage
- Compliance with industry standards including FedRAMP; EU/US Privacy Shield;
ISO 9001, 27001, 27017, 27018
To understand service provider responsibilities that may vary for your specific use case, refer to your service provider’s shared responsibilities documentation:
Step 6: Provision a project set
Your project set is your workspace in the public cloud. It includes 4 accounts for development, testing, production and tools. At present we’re unable to accommodate requests for custom project sets.
Once you’ve completed the onboarding session, you must submit a product provisioning request through the Platform Product Registry self-service online tool to let us know you want to provision a project.
Discover more information about the Platform Product Registry.
Step 7: Additional accounts and tools
We don’t require you to use any specific tools to support your work in the public cloud. We find GitHub, Rocket.Chat, Terraform and Stack Overflow useful.
GitHub
GitHub® is a hosting platform for building, deploying and maintaining open-source projects. It provides tools for project management, collaborative development, issue tracking, team administration, automation and more.
Teams in the B.C. government can create and manage their documentation and code in the B.C. government’s GitHub organization “bcgov.” To access the “bcgov” organization and contribute to repositories, including your own, you must have a GitHub account with two-factor authentication enabled.
Accounts can be added to the “bcgov” organization in GitHub by any existing “bcgov” organization member. You can create a GitHub account at any time.
Rocket.Chat
Rocket.Chat® is a communication tool we use to engage with product teams working in the public cloud. You can use Rocket.Chat to contact us, interact with teams working in the public cloud, get support and find solutions to common problems.
Terraform
HashiCorp Terraform is an open-source infrastructure as code software tool. You can use Terraform to safely create, change and improve infrastructure. B.C. government teams can use Terraform in their workspaces in the public cloud. We have completed a base assessment of the Terraform service but your team will need to consult with your Ministry Information Security Officer (MISO) and your Ministry Privacy Officer (MPO) to determine if additional assessments are required for your specific use of Terraform.
Stack Overflow
Stack Overflow is a community-based group for developers, supported by developers within the B.C. government, who are working on projects across the B.C. public service.
The Government of B.C. Stack Overflow group is a private space. You can ask and answer questions and support your colleagues in the B.C. government developer community.