Terrateam Security and Data Protection Information


Last Updated: 19 April 2024

Security Information

Terrateam takes many measures to keep customer data private. These include following security best practices and the other steps listed in this document. Protection of customer data is coordinated across technical and procedural controls.

This document is an overview of Terrateam information security policies and procedures. It is not exhaustive. The below should not be relied on as a warranty of any services Terrateam provides or in any other way as amending or modifying our Terms of Service.

Terrateam will re-evaluate our information security procedures from time to time, but does not have an obligation to proactively communicate updates on this document should any changes occur. The following documents will be kept up to date and users are encouraged to occasionally review these pages:

Please contact security@terrateam.io if you think you’ve found a security issue.

Data Center Security

Terrateam uses virtual machines located in the United States in secure and shared hosting facilities with redundant and reliable access. All Terrateam virtual machines are logically segregated from other virtual machines in the hosting facility.

  • All virtual machines are located in Fly.io data centers in the United States
  • Virtual machines are exclusively used for Terrateam
  • Redundant power, cooling, and internet connectivity
  • 24/7 staffed security
  • Restricted physical access with biometrics controls

Fly.io is SOC 2 Type II compliant. More information can be found here: https://fly.io/security

Application Security

Terrateam is a GitHub application that translates GitHub events into Terraform operations. The service has two major components:

  • The backend, which receives GitHub events and decides what to do based on the event payload
  • The GitHub Actions runner, hosted on the GitHub Actions platform, which executes the jobs the backend creates

Many security measures are put in place:

  • Security best practices followed
  • Security logs regularly reviewed
  • Patches applied on regular intervals
  • Firewalls implemented in front of all internal and external endpoints
  • Security policies in place that follow the principle of least privilege
  • TLS encrypted connections required for application access
  • Application uses well-tested open source software
  • Regular security audits
  • Formal process in place to grant elevated access to systems
  • Data encrypted in-transit and at-rest
  • Vendor-provided default passwords have been changed
  • Encrypted backups

Data Privacy

Terrateam does not read source code repositories directly; the only file it retrieves from a repository is the Terrateam configuration file. The git clone of a customer repository needed to run Terraform operations happens inside the GitHub Actions runtime environment, not on the Terrateam backend.

Customers may choose to use GitHub Secrets for Terrateam operations that run within the GitHub Actions runtime environment. Terrateam does not read these secrets, and they are not sent back to the Terrateam backend. The one caveat is Terraform plan files: a plan file records the planned value of every attribute, including ones Terraform marks as sensitive, so a value injected from a GitHub Secret can end up in it. Plan files must be stored on the Terrateam backend for the application to operate. They are encrypted at rest and deleted as soon as the operation that needs them has used them, or after 14 days at the latest.

GitHub Application Permissions

The Terrateam GitHub application requests the following permissions from the customer at installation time. Each entry below gives the permission and its level, GitHub's description of what it covers, and what Terrateam uses it for.

Repository Permissions

Actions: Read and Write

Workflows, workflow runs and artifacts.

Execute Terrateam operations.

Checks: Read-Only

Checks on code.

Validate GitHub checks have passed before running a Terrateam apply.

Commit statuses: Read and Write

Commit statuses.

Provide user feedback on Terrateam operations and validate commit statuses before running a Terrateam apply.

Contents: Read and Write

Repository contents, commits, branches, downloads, releases, and merges.

Retrieve the Terrateam configuration file.

Issues: Read and Write

Issues and related comments, assignees, labels, and milestones.

Create and update issues for drift detection.

Metadata: Read-Only

Search repositories, list collaborators, and access repository metadata.

Mandatory for every GitHub App; GitHub grants it automatically.

Pull Requests: Read and Write

Pull requests and related comments, assignees, labels, milestones, and merges.

Trigger Terrateam operations and merge a pull request.

Secrets: Read and Write

Manage Actions repository secrets.

Future implementation of a secrets management interface.

The Secrets read permission only lets Terrateam list secret names; GitHub's API never returns a secret's value, so read access cannot expose it.

Organization Permissions

Members: Read-Only

Organization members and teams.

Used for access control and other internal Terrateam operations.

Account Permissions

Email Addresses: Read-Only

Manage a user's email addresses.

Account-related emails only.

GitHub Application Events

The Terrateam GitHub application subscribes to the following repository webhook events. Each entry below gives the event, the actions it covers, and what Terrateam uses it for.

Issue Comment

Issue comment created, edited, or deleted.

Trigger Terrateam operations.

Issues

Issues opened, edited, deleted, transferred, pinned, unpinned, closed, reopened, assigned, unassigned, labeled, unlabeled, milestoned, demilestoned, locked, or unlocked.

Trigger Terrateam operations.

Pull Request

Pull request assigned, auto merge disabled, auto merge enabled, closed, converted to draft, demilestoned, dequeued, edited, enqueued, labeled, locked, milestoned, opened, ready for review, reopened, review request removed, review requested, synchronized, unassigned, unlabeled, or unlocked.

Trigger Terrateam operations.

Push

Git push to a repository.

Trigger Terrateam operations.

Workflow Job

Workflow job queued, requested or completed on a repository.

Track when Terrateam workflow jobs are queued, requested, or completed.

Workflow Run

Workflow run requested or completed on a repository.

Track when Terrateam workflow runs are requested or completed.
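The two lists above (permissions and event subscriptions) are what a customer should expect to see on the installed app. The Python script below is an added example, not Terrateam's own code, that audits an installation object against that documented baseline and flags anything missing, escalated (granted at a higher level than documented), or not documented at all. The installation payloads in it are constructed for the example; their shape and the permission key names (actions, checks, statuses, contents, issues, metadata, pull_requests, secrets, members, emails) follow the GitHub REST API's installation object and should be treated as an assumption to check against GitHub's documentation.

```python
"""Audit a GitHub App installation against the permissions and event
subscriptions this page documents for Terrateam.

Added example (not Terrateam's code). The installation payloads are
constructed for illustration; their shape and the permission key names
follow the GitHub REST API's installation object as an assumption. The
baseline values are transcribed from the permission and event lists on
this page.
"""

# Permission -> highest access level the page says the app needs.
EXPECTED_PERMISSIONS = {
    "actions": "write",        # Actions: Read and Write
    "checks": "read",          # Checks: Read-Only
    "statuses": "write",       # Commit statuses: Read and Write
    "contents": "write",       # Contents: Read and Write
    "issues": "write",         # Issues: Read and Write
    "metadata": "read",        # Metadata: Read-Only
    "pull_requests": "write",  # Pull Requests: Read and Write
    "secrets": "write",        # Secrets: Read and Write
    "members": "read",         # Organization members: Read-Only
    "emails": "read",          # Email addresses: Read-Only
}

# Webhook events the page says the app subscribes to.
EXPECTED_EVENTS = {
    "issue_comment", "issues", "pull_request",
    "push", "workflow_job", "workflow_run",
}

# Ordering used to decide whether a granted level exceeds the documented one.
LEVEL = {"read": 1, "write": 2, "admin": 3}


def audit_installation(installation):
    """Compare one installation object with the documented baseline.

    Returns a dict of findings. Empty lists everywhere mean the
    installation matches the page; anything else is drift worth a human
    look, in particular 'escalated' and 'unexpected', which mean the app
    can do more than documented.
    """
    granted = installation.get("permissions", {})
    findings = {
        "missing": [],            # documented but not granted
        "escalated": [],          # granted at a higher level than documented
        "unexpected": [],         # granted but not documented at all
        "missing_events": [],     # documented event not subscribed
        "unexpected_events": [],  # subscribed event not documented
    }

    for perm, expected in EXPECTED_PERMISSIONS.items():
        level = granted.get(perm)
        if level is None:
            findings["missing"].append(perm)
        # An unknown level string is treated as higher than anything documented.
        elif LEVEL.get(level, max(LEVEL.values()) + 1) > LEVEL[expected]:
            findings["escalated"].append((perm, expected, level))

    for perm, level in sorted(granted.items()):
        if perm not in EXPECTED_PERMISSIONS:
            findings["unexpected"].append((perm, level))

    events = set(installation.get("events", []))
    findings["missing_events"] = sorted(EXPECTED_EVENTS - events)
    findings["unexpected_events"] = sorted(events - EXPECTED_EVENTS)
    return findings


def is_clean(findings):
    """True when no finding list is populated."""
    return not any(findings.values())


# Constructed sample 1: an installation that matches the page exactly.
CLEAN_INSTALLATION = {
    "id": 1,
    "permissions": dict(EXPECTED_PERMISSIONS),
    "events": sorted(EXPECTED_EVENTS),
}

# Constructed sample 2: the same app after someone accepted a permission
# update prompt: checks promoted to write, an administration permission
# added, and the workflow_run subscription dropped.
DRIFTED_INSTALLATION = {
    "id": 2,
    "permissions": {**EXPECTED_PERMISSIONS, "checks": "write", "administration": "write"},
    "events": sorted(EXPECTED_EVENTS - {"workflow_run"}),
}


if __name__ == "__main__":
    for inst in (CLEAN_INSTALLATION, DRIFTED_INSTALLATION):
        findings = audit_installation(inst)
        status = "OK" if is_clean(findings) else "DRIFT"
        print(f"installation {inst['id']}: {status}")
        for kind, items in findings.items():
            if items:
                print(f"  {kind}: {items}")
```

To run this against a real installation, fetch the organization's installations with an org-admin token (GitHub's installation listing endpoint returns a `permissions` object and an `events` array on each installation) and pass one installation object to `audit_installation`. Re-running it after every "permissions updated" prompt from GitHub is the cheapest way to notice an app quietly gaining write access it did not document.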

Incident Response

Terrateam prioritizes the security and integrity of our systems and data. Our incident response plan outlines how we address and manage potential security incidents to minimize impact and uphold our commitment to customer trust and data protection. This plan provides an outline of our procedures for managing security incidents from initial detection through to resolution and post-incident analysis.

Preparation

Our preparation ensures that our team is ready to respond to security incidents:

  • Team training: All team members receive regular training on the latest security threats and response strategies.
  • Tools and resources: We maintain up-to-date security monitoring and response tools to ensure rapid detection and resolution of security issues.

Identification

Quickly identifying incidents is crucial for effective response:

  • Monitoring tools: Our monitoring systems continuously scan for unusual activity indicative of a security incident.
  • Alert protocols: We have protocols in place to ensure that any potential security incident is immediately escalated to the appropriate personnel.

Containment

Our containment strategies are designed to limit the impact of an incident:

  • Immediate containment: We take immediate action to isolate affected systems to prevent the spread of any threat.
  • Long-term containment: We assess and implement changes to prevent future occurrences, which may include system enhancements or additional security measures.

Eradication

Removing the threat is a critical step in our process:

  • Root cause analysis: We investigate to understand the source of the incident and take steps to remove any threats from our environment.
  • System cleanup: After eradicating the threat, we perform a thorough cleanup to ensure no remnants of the incident remain.

Recovery

Our recovery process ensures that our services return to full functionality securely and efficiently:

  • System restoration: Systems are carefully brought back online with enhanced monitoring to ensure stability and security.
  • Post-recovery monitoring: Additional monitoring post-recovery helps ensure no recurrence of the incident.

Lessons Learned

Every incident provides an opportunity to enhance our security posture:

  • Review and analysis: We conduct detailed reviews of our response to understand what happened, how we responded, and how we can improve.
  • Plan updates: Insights gained from the incident are used to strengthen our incident response plan and security measures.

Communication with Customers

Transparency is key to our approach:

  • Timely notification: We communicate honestly and promptly with our customers if their data or services are affected.
  • Clear communication: Our updates are clear, providing essential information without unnecessary complexity.

Keeping Your Data Safe and Secure

Terrateam is dedicated to protecting your data with strong security measures and a quick-response plan. We retain only the customer data the service needs, which limits what any breach could expose. We continually improve our security to handle new threats and make our systems better. Your trust is very important to us, and we work to keep it through openness, careful attention, and ongoing improvement.