Agenda

Presenter

Duration

Discussion

Technical Reviews of BB specs

Steve Conrad

10 minutes

Architecture team to review Wave 3 specifications: Target Friday August 11 to complete reviews

Update on review process:

• UI/UX - https://app.gitbook.com/o/pxmRWOPoaU8fUAbbcrus/s/Xygp83qW0E147CCaqsI0/ - Review complete. Wes to add issues

• eSignature - https://app.gitbook.com/o/pxmRWOPoaU8fUAbbcrus/s/ZpypLvJhKezO3prCNVTS/ - Aare Laponin. Review Complete

• eMarketplace - https://app.gitbook.com/o/pxmRWOPoaU8fUAbbcrus/s/PUIGDILlDRSOB6K47k6e/ - Aare Laponin. Review Complete

  • Note: Arch team has questions on the scope of this BB. Taylor to raise in eMarketplace Slack channel.

  • The spec is not aligned to template.

  • Wes to reach out to Ramkumar (and Ravi?) to align on next steps

• GIS - https://app.gitbook.com/o/pxmRWOPoaU8fUAbbcrus/s/hkgz6Ka97bI1OCzGXUgW/ - content to be completed next week.

  • Steve to do first pass/review

• Cloud Infrastructure will not be part of Wave 3 and Sept. release

Next steps - once reviews are complete, Wes can create Jira issues for required changes and create Epic to track all tasks. For now, keep comments in GitBook.

Commenters should flag changes as ‘Required’ for anything that must be changed prior to release.

GERA Update

Aare Laponin PSRAMKUMAR

15 minutes

Update on changes to GERA document and progress/next steps

• Arch team is not actively engaged in changing this document.

• Aare working to develop a simple overview/reference document - introduction, definitions, context, reference architecture, implementation guidelines

Working draft:

https://onedrive.live.com/viewEdit.aspx?resid=7B252BA6CB083436!94029551&ithintwdPid=file%2cdocx&wdLOR=c6150EBA7-4B67-A140-9088-2C81F864DEFA&authkey=!ADG46QZQKE_VrJ0

We will need to decide how to publish or whether we can bring back to Open Group.

Could publish in GitBook as part of the spec/release. We will try to target as a part of Sept release - after work is done by Aare, will have architecture team review and move into GitBook.

Can we find another name for this document, so we can release it as something different and ‘sanctioned’ by GovStack:

What is our messaging around the current Open Group GERA document5887d621&authkey=!AC4bdYfdJIaKi8M

Ready for review and comment (Sections 1-3). Steve and Wes to review.

Need to decide where this lives for the upcoming release (GitBook, linked, PDF)?

• Put summary/overview in GitBook (in cross-cutting section) and then link out to full content (ie. PDF in GitHub)?

Review overall diagram and components

Steve Conrad
PSRAMKUMAR

10 minutes

Overall GovStack Architecture Diagram

GovStack Components

Review PPT/diagrams from Ramkumar as well.

Capabilities/Service Blocks

Wes Brown

15 minutes

Review service block (capabilities) template

Need clear definition of distinction between building block and service block.

Future topic - Fall 2023

Manage Access Authorization to BB APIs

Jaume DUBOIS

30 minutes

• Types of accessors checked (human, back-end systems, apps or browser, robots, hardware, ..)

• Granularity of access control (Building block, module, API, single API service, single API service for specific tenant or data)

From Technical Committee Meeting:

BBs should not own RBAC - the calling applications are responsible for it. 

Are we using token based authorization within the request to BB?

How to get candidates bypass its own RBAC?

1. Superuser access to be given when merging with IM backend?

2. Or control to switch off existing RBAC in target BBs

3. option to have api token registered in IM at max permission level for specific member entities

4. come up with a concrete example for this case