RACI
Sharing responsibilities
Last updated
Sharing responsibilities
Last updated
To have a common understanding about the responsibilities and duties between cegedim.cloud and the customer, we use a RACI matrix.
R
Responsible
Assigned to complete the task or deliverable
A
Accountable
Has final decision-making authority and accountability for completion (only 1 per task)
C
Consulted
An adviser, stakeholder, or subject matter expert who is consulted before a decision or action
I
Informed
Must be informed after a decision or action
Below is the RACI matrix describing actions related to managed products from cegedim.cloud's catalog.
There are slight differences according to the plan subscribed by the customer :
Self Service
The customer can create resources directly through ITCare, using self-service and pay-per-usage.
On Request
Resources are provisioned and delivered by cegedim.cloud on request by the customer.
Create, Stop, Start, Delete or Resize an instance or a cluster
Self Service
I
A / R
The decision of provisioning / stopping / starting / deleting a deployment and associated parameters is done by the customer.
The actions are performed :
by customers through ITCare if they have subscribed to the "On Demand" service
for others customers, by cegedim.cloud's Professional Services team
Use an instance or a cluster
*
I
A / R
Customer is responsible of the healthy usage of the product.
Modify configurations
On request
A / R
I
Certain configuration parameters can be modified at the customer's request.
Standard Monitoring
*
A / R
I
Monitoring is mandatory, and accessible to customer through ITCare.
Performance metrics
*
R
I
Performance metrics are provided by default and reachable through ITCare.
Backup and Restoration
*
R
A / I
Backup policy is defined by customer and applied by cegedim.cloud, which is responsible of ensuring that backups are done, and restoration of data when requested.
Customer has information about the backup in ITCare.
Disaster Recovery Protection
*
R
A / I
Disaster Recovery is activated by customer and applied by cegedim.cloud, which is responsible of ensuring that associated RTO and RPO are reached.
Customer has information about the Disaster Recovery Protection in ITCare.
Security Patches
*
R
A / I
Cegedim.cloud passes security patches in the execution environment, quarterly, during "Patch parties", by default.
Version Upgrades
On Request or Self Service
R
A / I / R
Upgrade can be done by the customer from the ITCare in autonomy when possible OR a request can be issued by the customer, and if the transition is possible, cegedim.cloud will upgrade or update the product version.
Some of our products have specific actions that can be carried out autonomously and in self-service from our ITCare cloud management tool. The matrices below are therefore complementary to the generic RACI matrix.
Add a Kubernetes node
Self-service
I
A / R
Customer can add Kubernetes nodes in self-service using ITCare.
Resize Kubernetes nodes
Self-service
I
A / R
Customer can resize Kubernetes nodes in self-service using ITCare.
Remove a Kubernetes node
Self-service
I
A / R
Customer can remove a Kubernetes node in self-service using ITCare.
Enable HA mode
Self-service
I
A / R
Customer can enable High Availability on a Kubernetes cluster in self-service using ITCare.
Add a MariaDB read-only Replica
On Request
A / R
I
On request, a read only MariaDB replica can be configured for a standalone MariaDB node.
Index management
*
I
A / R
Customer is responsible of the creating and managing his indices. cegedim.cloud do not have access to them except for the security_audit index.
Restore source PostgreSQL on a destination (seed)
Self-service
I
A / R
The decision to restore a PostgreSQL farm to another PostgreSQL farm is made by the client. The actions are carried out:
through ITCare if they have subscribed to the "On Demand" service.
by the Professionnals Services team at cegedim.cloud
Convert to High availability
Self-service
I
A / R
The decision to restore a PostgreSQL farm to another PostgreSQL farm is made by the client. The actions are carried out:
through ITCare if they have subscribed to the "On Demand" service.
by the Professionnals Services team at cegedim.cloud
Manage Apache Kafka objects
*
I
A / R
Customer is responsible of the Apache Kafka objects management (topics, partitions, etc..) and its healthy usage.
Manage RabbitMQ objects
*
I
A / R
Customer is responsible of the RabbitMQ objects management (exchanges, queues, etc..) and its healthy usage.
Enable / Disable Bot Defense option on a Load Balancer
Self-service
I
A / R
The decision of enabling / disabling the Bot Defense option is done by the customer.
Add or delete Whitelisted IP
Self-service
I
A / R
Customer can add or delete whitelisted IP.
Access to DDOS and blocked requests from Bot Defense and Dos Protection
Self-service
I
A / R
Report in real time blocked request (Including blocked ip, blocking reason and the support ID).
Request details on blocked request
On Request
A / R
I
Upon request by the customer, more information can be provided for a blocked request by providing the support ID
Designate a champion and define data masking objectives
*
I
A / R
Define the context of the masking
*
I
A / R
Identify sensitive data to be masked (specifications)
*
I
A / R
Identify data integrity constraints within the database
*
I
A / R
PDM : discover and sensitive data tag
*
A / R
I / C
PDM : Masking rules and masking policy definition
*
A / R
I / C
PDM : Optional : custom rules and dictionaries implementation
*
A / R
I / C
PDM : Masking plan creation and execution*
10 anonymization treatments included
12 months subscription
Options: Package of 10 additional anonymization treatments to use within the subscription period
*
A / R
I / C
Results verification and masking effectiveness validation
*
I
A / R
*Each execution includes: prerequisite check, script execution, monitoring of the execution by an IT security expert in direct contact with the customer
Manage storage volumes
Self-service
I
A / R
Customer is responsible of the management (creation, deletion, resize) of the storage volumes for his cluster.
Create an Object Store
Self-service
I
A / R
The decision of provisioning / Deleting / modify an Object Store and associated parameters is done by the customer.
The actions are performed :
by customers through ITCare if they have subscribed to the "On Demand" service
for others customers, by cegedim.cloud's Professional Services team
Manage Object Store Quota
Self-service
I
A / R
Delete a Object Store
Self-service
I
A / R
Create an Object User
Self-service
I
A / R
The decision of creating an Object User and associated parameters is done by the customer.
The actions are performed :
by customers through ITCare if they have subscribed to the "On Demand" service
for others customers, by cegedim.cloud's Professional Services team
Manage Object Users
Self-service
I
A / R
The decision of modify an Object User and associated parameters is done by the customer.
These actions include the Secret Key renewal or Object User locking.
The actions are performed :
by customers through ITCare if they have subscribed to the "On Demand" service
for others customers, by cegedim.cloud's Professional Services team
Delete Object Users
Self-service
I
A / R
The decision of Delete an Object User and associated parameters is done by the customer.
The actions are performed :
by customers through ITCare if they have subscribed to the "On Demand" service
for others customers, by cegedim.cloud's Professional Services team
Create Bucket
Self-service
I
A / R
Bucket creation and associated parameters is done by the customer.
The actions are performed using the S3 API.
Delete Bucket
Self-service
I
A / R
Bucket deletion and associated parameters is done by the customer.
The actions are performed using the S3 API.
Manage Bucket Policy
Self-service
I
A / R
Bucket Policy management is done by the customer.
The actions are performed using the S3 API.
Manage Lifecycle Configuration
Self-service
I
A / R
Lifecycle Configuration management is done by the customer.
The actions are performed using the S3 API.
Manage Object Configuration
Self-service
I
A / R
Object Lock configuration on Bucket or object is done by the customer.
The actions are performed using the S3 API.
Availability and Monitoring
*
R / A
I
cegedim.cloud will ensure the Object Storage Service is globally available and healthy at all times.
Multi Region Replication
*
R / A
I
Data replication between region is done by cegedim.cloud, which is responsible of ensuring that associated RTO and RPO are reached.
Customer has information about the Disaster Recovery Protection in ITCare.
Security Patches
*
R / A
I
cegedim.cloud apply security patches. it is transparent for customers and this does not lead to an interruption of service.
Version Upgrades
*
R / A
I
cegedim.cloud apply upgrade patches. it is transparent for customers and this does not lead to an interruption of service.
S3 API may change.