eduroam Managed IdP service should transition from its pilot under the JRA3, into the SA2 production operations. The exit pilot gate was approved by the PLM on 25th of June , officially marking the start of transition.
What is the relations to pilot - something to move or install from scratch
The transition generally consist of the following areas of work:
- Documentation preparation and signoff
- Test and Validation
- GDPR compliance checking
- IPR compliance checking
- Operational team establishment
- Operational team training
- Support team establishment
- Support team training
- Operational deployment
- Service promotion
Teams/people:
- Operations accountable: Marina Adomeit, Miroslav Milinović
- Development accountable: Ann Harding
- Development team: Stefan Winter, Justin Knight
- GEANT T&I operation support/Core team: Nicole Harris, Dick Visser
- PLM product manager
- Test team: Marcin Wolski
- Service manager (SM): Miroslav Milinović
- IPR accountable: Shaun Cairns
- GDPR accountable: Ana Alves
Status | ||||
---|---|---|---|---|
|
IN PROGRESS
DONE
No | Work item | Responsible | Comment | Status | Start date | End date | ||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | Preparation of documentation - based on the SA2 Service Template | |||||||||||
Service Description | -Development team prepares -SM signs off | |||||||||||
Service policy (Terms of use, SLA) | -Development team prepares -SM & GEANT signs off | We need a separate Terms of use. It should point to eduroam service definition. There is a head terms contract in development by GEANT, would need adapting to this service if used There is a place in the UI where to place the Terms of Use is already shown. Already exists for CAT, so aim to re-use for this service. GEANT should sign it off as a legal body that is responsible for the service. To be discussed with GEANT(Nicole/core team). | ||||||||||
Branding and Visibility | -Development team prepares -SM signs off | Web page text at https://www.eduroam.org/eduroam-managed-idp/ | ||||||||||
Operational Requirements | -Development team prepares -SM and core team sign off | |||||||||||
OLA | -Development team prepares -SM and core team sign off | There is no OLA template at the moment, but potentially Nicole's core team can help out. | ||||||||||
Operational documentation | -Development team prepares -SM signs off, test team can validate | |||||||||||
Operational processes | -Development team prepares -SM signs off, test team can validate | Need to define: service order (what happens from point of interest to service availability for a customer) and support process - Marina will send the questionnaire prepared by the Task 4 to Stefan to provide the info and Task 4 can draw the flow charts. | ||||||||||
User documentation | -Development team prepares -SM signs off, test team can validate | |||||||||||
User support | -Development team prepares -SM signs off, test team can validate | Prepare the FAQ for the first level support. Add them to the current FAQ that service desk uses + enable service desk to check by themselves if a user's IdP is managed eduroam IdP | ||||||||||
GDPR - data inventory, privacy notice, DPA | -Development team prepares -GDPR accountable and SM signs off | Data inventory prepared as part of the eduroam one | IN PROGRESS | |||||||||
2 | Test and validation | |||||||||||
Make a test plan | Development team and Test team prepares | Testing of the code was done Penetration testing on the production deployment before "cutting the ribbon" | ||||||||||
3 | IPR compliance checking | |||||||||||
IPR compliance | IPR accountable | Define with Stefan and Miro on what needs to go through the IPR check and send a request. Stefan Winter to prepare the IPR request (what are the software components, libraries, tools used) Marina to check who is accountable | should start ASAP! | |||||||||
4 | GDPR compliance checking | GDPR accountable | ||||||||||
Data inventory and mapping | Data inventory is already prepared; with Nicole and Ana to carry out assessment |
| ||||||||||
Update the privacy notice | Update the eduroam privacy notice to include the managed eduroam IdP as well. Publish once the production gate is passed. | |||||||||||
Prepare the data processing agreement | ||||||||||||
5 | Operational team establishment | |||||||||||
Appoint service manager | Operations accountable | It comes under the eduroam service family and existing service manager. |
| |||||||||
Define roles, skills, manpower needed | Development team | |||||||||||
Appoint operational team members | SM | It could be done by the Srce & Maja/Tomasz team - for GN4-2, for GN4-3 it should be defined and clarified. (Dubravko could be Radius, Dragan for the system upgrades). The development support will be needed by Stefan&Tomasz | IN PROGRESS | |||||||||
6 | Operational team training | |||||||||||
Training the operational team | Development team prepares eduroam-OT is trained | TBD,over couple of VC should suffice | ||||||||||
7 | Support team establishment | |||||||||||
Establish the support team | Level 1 will done by the SD, L2 will be over the eduroam-ot, L3 will be via the development team |
| ||||||||||
8 | Support team training | |||||||||||
Training of the support team | Development team prepares eduroam-OT is trained | TBD,over couple of VC should suffice | ||||||||||
9 | Deployment in production environment | |||||||||||
Central monitoring set up | core team | Plan A : monitoring core team Plan B can be covered by Miro - Nagios by Srce Specific monitoring need to be scribed by the development team |
| |||||||||
Back up and restore | core team |
| ||||||||||
Resource inventory configured | core team |
| ||||||||||
VM provision | GEANT IT VMs | Plan A: If the outstanding issues with the GEANT IT VMs are not resolved till the end of July, they will be sourced form an NREN or commercial | ||||||||||
Installation of the components |
| |||||||||||
Raspberry Pi for the root CA | Needs to be procured - Stefan will by over Restena and claim over the project JRA3 / SA2 Question: save safely, offline, the raspberry pi as it will hold the root key - for the core team? Organise the root CA creation ceremony | |||||||||||
stefan/miro needs to write up this in details ... | ||||||||||||
10 | Service Promotion | |||||||||||
Web site update | PR team Development team to provide the text Marina can share a narrative template Justin to check with Karl what is prepared | Prepare all in the eduroam PR site, but publish when the production gate is passed. Web page draft at https://www.eduroam.org/eduroam-managed-idp/ A new page describing the service offering (similar to CAT). Link that new page from the NRO page and Institution page. | IN PROGRESS | |||||||||
Promotion of the service | Talk to Nathalie/Silvie Francisci silvie.Francisci@geant.org about the Partner Portal and getting the service in there. Promotion via the eduroam-SG, by the service manager | |||||||||||