Emory AWS Service Tech Transfer Background Documentation

Purpose of this Documentation

The purpose of this documentation is to provide the detailed, supplemental information on the software applications that implement the Emory AWS Service for the Emory Office of Technology Transfer Intellectual Property Disclosure Form. This form is a cursory declaration of and invention and ownership of the intellectual property, but for a large project such as this it requires significant background.

Background on Preparing and IP Disclosure

In early 2018, LITS contacted OTT about preparing an IP disclosure for the software applications that implement the Emory AWS Service. This project was a large initial effort and will be a large on-going effort to maintain and operate. Tens of thousands of person hours went into the nearly two-year design discussion and proof-of-concept and one-year long implementation project. All of the work performed on this project was implemented by Emory employees and consultants under contract to perform works for hire for Emory. In our initial discussions with OTT due to the scale of this project, it was decided we could forego the customary personal attribution of contributions of intellectual property by individual inventors in this description and deal with any requirements for that in some other document if required.

Emory AWS Service Description

Emory maintains a master description of the Emory AWS Service that is used to describe its overall purpose, features, and operation at any given point in time. This description is used to prepare documentation for customers, training materials, and write test cases to verity the service.

General Applicability of the Solution

The Emory AWS Service is comprised of the software products and projects listed below. At a high level all of these products are useful to other organizations that have similar infrastructure to Emory, but specifically the following components could be immediately implemented in other organizations looking to provision, secure, and manage AWS.

  1. Account and VCP CloudFormation Templates

  2. Service Control Policies 

  3. The Security Risk Detection Service

  4. The AWS Account Service  (sites that do not use NetIQ for Identity Managment would need to implement a service to expose their roles and role membership to the AWS Account Service)

  5. VPC Provisioning Web App  (sites that do not use NetIQ for Identity Managment would need to implement a service to expose their roles and role membership to the AWS Account Service)

  6. AWS Landing Page

  7. Temporary Key Issuance (TKI) Service

  8. Temporary Key Issuance (TKI) Command-Line Client

  9. Network Operations Service

  10. Cisco ASR Service (other sites that use the Cisco ASR series routers)

Account and VPC CloudFormation Templates

These templates provide the basis for all structures, IAM policies, and roles related to AWS accounts and how all assets within accounts will be accessed. There are separate type 1 and type 2 VPC templates that implement structures specific to these two VPC types. Emory had developed comprehensive unit tests for the structures and intended functions of the policies implemented in these templates and automated the execution of these tests in DevOps pipelines. These practices make them readily maintainable and suitable for collaboration and enhancement with larger teams.

Service Control Policies

Service Control Policies are used to restrict access to services and features of services for all accounts and principals within an organization. Emory has implemented SCP for both HIPAA-compliant and Standard class accounts and implemented a large test suite to validate their intended function and automated the execution of these tests in DevOps pipelines, which make them readily maintainable and suitable for collaboration and enhancement with larger teams. Other sites may disagree with the specifics of Emory's policies, but they can implement different policies within this framework if desired. Emory anticipates that many of these policies will be of common interest and value to other implementing sites.

Security Risk Detection Service

What cannot be controlled by IAM or Service Control Policies Emory controls with the Security Risk Detection Service. This service is a framework for holding a constant watch over a series of AWS accounts and executing a series of Security Risk Detectors which are paired with Security Risk Remediators to detect and remedy security risks. Emory has implemented detectors and remediators for approximately 50 risks that cannot be managed by policy. The components of this service in addition to Detectors and Remediators are the core web service itself which receives requests to perform detections/remediations in accounts, the scheduler that requests these detections on a schedule, and consumers that listen for detections and permanently persist them and create alerts for specific risks. This service runs in mulitple threads and is horizontally scalable in that it can be run in multiple instances concurrently to reduce the interval on which detections and remediation are run. The service can reduce the overall check interval in an account to under one minute and if enough instances are run down to seconds, dramatically reducing the window of opportunity for bad actors to exploit any vulnerabilities. Other sites may disagree with the specifics of Emory's defined security risks or remedies, but they can implement different detectors and remedies within this framework if desired. Emory anticipates that many of these security risks will be shared by other implementing sites even if some specifics details of the detection or remedy differ. These differences are easily accounted for with small variations in custom detectors or remediators.

AWS Account Service

An AWS account and service metadata repository is necessary to provision and manage accounts, assess AWS services for risks, to scan accounts for security risks, and to integrate AWS consolidated billing with an organization's finance systems. The Emory AWS Account Service is a backend application exposed as a web service to perform these functions. Specifically, it implements the following high-level features:

  1. Persists AWS Account Metadata such as account number, account, owner, compliance class, financial account number, e-mail addresses, etc.

  2. Persists VPC metadata for the VPCs in accounts including their ID, type, CIDR range, VPN connection profile, etc.

  3. Exposes the AWS account alias for accounts to a number of service components that need to display the account alias.

  4. Persists account notifications for security risk detections and remediations as well as other administrative events. The service also creates a user notification for all users associated with the account for every account notification.

  5. Persists user notifications to record delivery of notifications to specific users and also delivers notifications to the user via other modalities they have selected in their user profile (presently e-mail).

  6. Exposes organization-specific logic for who is allowed to provision new accounts for other components of the solution that need to make this determination such as the provisioning orchestration and the ServiceNow request form.

  7. Exposes a multi-step, transactional orchestration for automatically provisioning AWS accounts that are integrated into Emory's identity, network, and security infrastructure. Presently there are approximately 45 steps in total for provisioning that have been identified for accounts with type 1 and type 2 VPCs. Emory has successfully implemented the 30 step process for provisioning accounts with type 1 VPCs.

  8. Picks up and processes the monthly master account bill, persisting the data for permanent storage and produces a file to import into Emory's PeopleSoft financial accounting system. Each account owner will be billed in the Emory financial system for all charges pertaining to their account by associating these charges with the financial account number they provided at the time they provisioned the account.

  9. Detects and persists a master list of AWS services using the AWS support API and exposes service operations to maintain all metadata about these services that Emory must manage to determine whether a service is HIPAA eligible according to AWS and according to Emory, what the display name of the service is, if it is fully available, blocked, or available with countermeasures, etc.

  10. Persists and exposes service operations for managing security risk assessments for each AWS service. Implementing specific, verifiable controls and tests in the form of IAM policies, services control policies, and security risk detectors and remediators requires a highly structured security risk assessment and enumeration of required controls.

  11. Persists and exposes web service operations for terms of use to which all end users must agree at relevant points of service such as from the VPCP web app and TKI client.

  12. Persists and exposes web service operations for terms of use agreements by end users.

  13. Persists and exposes user profile data for the AWS account service

  14. Exposes web service operations for a convenience object called AccountUser which aggregates user data from the Emory directory, authoritative person system, and identity management, so many components of the solution do not have to do that themselves.

In order to implement many of these features, the AWS Account Service must invoke the services of an authorization service, which at Emory is implemented by the Identity Management web service. This service provides Emory cannonical role and role assignment data, which tells the AWS Account Service which users are associated with which accounts and roles. Other implementing sites will need to implement or adapt a service like this to expose their account roles. Emory uses a product called NetIQ for this purpose and Emory's Identity Management web service exposes this data. Other implementing site may use a directory service like LDAP or Active Directory, use AWS principals, or some other commercial or open source identity management solution. Emory has started abstracting this out into a general process with the AccountUser object that could provide a common object for all implementing sites to provide all user and authorization data the service needs.

The following is a swim lane diagram that illustrates the high-level interactions between the account and VPC provisioning process and all other components of the solution. Click to enlarge.

VPC Provisioning Web Application

The VPC Provisioning web application is the primary end user interface of the AWS Account Service and integrations with other backend systems and automations at Emory. This application performs the following major functions for five roles of account administrator, account auditor, central administrator, central auditor, and network administrator. Note that the access level to the functions of the application vary by role.

  1. View and maintain account metadata

  2. View and maintain VPC metadata

  3. Manage firewall rule requests

  4. Manage static NAT (Emory Elastic IP) requests

  5. Manage AWS service metadata

  6. Manage AWS service security risk assessments

  7. View list of central administrators

  8. Send account notifications

  9. Send user notifications

  10. Manage static NAT (Emory Elastic IP) public IP numbers

  11. View static NAT provisioning and deprovisioning transactions

  12. Manage VPN connection profiles

  13. View VPN connection provisioning and deprovisioning transactions

  14. View AWS account and VPC provisioning transactions

  15. View account notifications

  16. View user notifications

  17. Download the temporary key issuance (TKI) client

  18. Link to AWS@Emory support documentation and resources

All of these features with the exception of the firewall rule, static NAT, and VPN connection provisioning would be immediately useful to other sites. In order for other implementers to make use of the firewall rule, static NAT, and VPN connection provisioning features that site would either need to have the same Palo Alto firewalls and Cisco ASR routers as Emory or provide a new implementation of the Firewall Service and Network Operations Service that managed their different implementations of these functions.

The following is a swim lane diagram that depicts the high-level interactions between the VPCP web app and all other components of the solution. Click to enlarge.

AWS Landing Page

The landing page provided by AWS has several major functions:

  1. Provide users with a link to order the service

  2. Allow users to log into their accounts

  3. Help users explore AWS services

Emory users of its brokered service cannot use the AWS-provided page for these purposes, because Emory has implemented a comprehensive provisioning process to integrate the AWS accounts with Emory's identity, network, and security infrastructure. Emory users cannot use the main AWS page to login, because Emory has integrated the AWS account login with Emory's SAML 2.0 single sing-on infrastructure. And Emory has implemented many AWS service restrictions and countermeasures, which must be communicated to users along with service descriptions and documentation.

All other sites that implement this type of brokering will require a new main AWS landing page to replace the one provided by AWS, and this landing page is immediately useful to any site implementing this infrastructure.

Temporary Key Issuance (TKI) Service

The use of temporary API keys is an AWS best practice that reduces the risk and impact associated with compromised AWS keys. The TKI service integrates the temporary key issuance process with several important pieces of Emory's backend infrastructure:

  1. A SAML 2.0 identity provider which is itself integrated with Emory identity management

  2. Duo two-factor authentication

  3. AWS Account Service metadata repository

  4. The AWS accounts the users are logging into

This service orchestrates the authentication of the user with username and password, Duo two-factor authentication, role assumption, and issues temporary credentials for the appropriate account. This service would be immediately useful to any site using this infrastructure with a SAML 2.0 identity provider and Duo two-factor authentication. If the site did not desire two-factor authentication, they could toggle it off. If a site wanted to use a different two-factor authentication provider, the TKI service would need to be modified to support other providers.

Temporary Key Issuance (TKI) Command-Line Client

The TKI command-line client is the user interface that users interact with to request temporary API keys through the TKI service. Any site that uses the TKI service could make immediate use of the TKI client. The client comes with an installer that installs the client and all of its dependencies on Windows, Mac OS, and Linux clients.

Network Operations Service

The Network Operations Service is an orchestration service that is invoked by the account and VPC automatic provisioning and the VPCP web app to:

  1. Provision and deprovision static NAT (Emory Elastic IP)

  2. Provisiong and deprovision site-to-site VPN connections between the Emory network and AWS accounts

  3. Expose important support data for provisioning network resources the VPN connection profiles

This service interacts with the Cisco ASR service deployment to perform modifications on Emory's network routers that provision static NAT and VPN connections. Because this service is largely a generalized orchestration that could interact with any backend router service, this service should be useful to any site implementing this infrastructure. If other sites had different network equipment to implement these functions, they would need to implement different services like the Cisco ASR service to expose those devices to the provisioning orchestrations.

Cisco ASR Service

This Cisco ASR Service exposes static NAT and VPN connection provisioning and deprovisioning to the Network Operations Service which coordinates these transactions. This service would be immediately useful to any other site that use the sample equipment, specifically Cisco ASR 1002 routers. Sites using other network gear to automate these functions would need to expose those operations to the Network Operations Service. The Cisco ASR service is implemented with the Netconf libraries, which interact with an industry standard network configuration interface, so much of this would could be applicable to automating these connections on other network gear, but there would be effort to implement these configuration management transactions on other network equipment.

AT&T Netbond Service

Emory discontinued use of the AT&T Netbond Service for AWS DirectConnect and opted for the site-to-site VPN approach. However, the AT&T Netbond Service would be useful to any site that uses a DirectConnect strategy with the AT&T Netbond service.

Elastic IP Service

The Elastic IP service maintains a registry of public IP addresses available for static NAT and their assignments to owners. When Elastic IP assignments are requested by users this service registers these assignments and public to private IP mappings and invokes the Network Operations Service to orchestrate static NAT provisioning and deprovisioning as needed. This service would be immediately usable to any site that wants to implement their own alternative to elastic IP and had exposed static NAT capabilities of its routers through the Network Operations Service.

E-mail Address Validation Service

The E-mail Address Validation Service validates that e-mail addresses can be delivered to. This is useful in the provisioning process to ensure that pre-provisioning e-mail distribution lists are setup properly and to count the inventory of pre-provisioned distribution lists. This service presently uses the Neverbounce API and service as the backend provider of this validation. This service could be used by any implementing site immediately as it is today.

PeopleSoft Service Enhancements

Emory has exposed many data objects from PeopleSoft using its PeopleSoft ESB/web service. The specific object that is useful for the Emory AWS Service is the financial account number or SPEED_CHART object. The command that implements this and the service framework could be immediately deployed and used by any PeopleSoft site that uses financial account numbers in a similar manner as Emory. Other sites would need to implement their own financial account number validation service if they desired to confirm the validity of financial account numbers entered into the AWS account provisioning and administration processes.

Software that Implements the Emory AWS Service

Major Applications, Services, and Infrastructure (18)

ID

Name

Type

Description

Team(s)

ID

Name

Type

Description

Team(s)

1

VPC CloudFormation Templates

Infrastructure as Code with Tests and Pipeline

These templates implement most of Emory's VPC and network topology in AWS along with IAM policies for access control. The majority of the codebase consists of tests to verify the structure, function, and security aspects of this infrastructure

  • EASI Infrastructure

  • IT Architecture

2

Service Control Policies

Security policies as Code with Tests and Pipeline

These policies implement controls for services within Emory AWS accounts. There is one implementation for standard accounts and another for HIPAA accounts. The majority of this codebase consists of tests to verify the function of the security controls

  • EASI Infrastructure

  • IT Architecture

3

AT&T Netbond Service

ESB/Web Service

Exposes the AT&T NetBond API for provisioning a VLAN for DirectConnect to the ESB, so that it can be invoked from the AWS Account Service provisioning orchestration and other appropriate contexts.

Note: this service has been obsoleted and replaced by the Network Ops Service and Cisco ASR service with the move from AWS DirectConnect to site-to-site VPN.

  • IT Architecture

4

AWS Account Service

ESB/Web Service

Exposes AWS API calls to the ESB for AccountAlias, AccountOrganizationMembership, CloudFormation Stack, SamlProvider, Peering, and Route. Exposes Emory's metadata store for Account and VirtualPrivateCloud. Implements the VirtualPrivateCloud and Account provisioning orchestration.

  • IT Architecture

5

Security Risk Detection Service

ESB/Web Service and

Scheduled Application

Implements security vulnerability remediation when triggered by events or on a schedule. Security Checker Commands are used to detect and correct security vulnerabilities that cannot be managed by policy alone.

Note: this project is one of the largest code efforts of the project, presently detecting and remediation approximately 50 types of risks.

Technical Design Documentation: https://serviceforge.atlassian.net/wiki/x/DAA5C

  • IT Architecture

6

Cisco ASR Service

ESB/Web Service

Exposes the Static NAT and VPN Connection provisioning on Emory's Cisco ASR routers to provisioning and administration applications.

  • IT Architecture

7

Network Operations Service

ESB/Web Service

Orchestrates Static NAT and VPN Connection provisioning on two Cisco ASR routers as these devices do not orchestration or replication configurations. It also exposes these operations to provisioning and maintenance applications.

  • IT Architecture

8

Elastic IP Service

ESB/Web Service

Exposes a registry of Emory public IPs available for static NAT to internal Emory addresses within AWS VPCs. Will potentially also invoke an operation to perform static NAT on demand if such an API exists.

  • IT Architecture

9

Firewall Service

ESB/Web Service

The Emory firewall service exposes Emory's on premises Palo Alto firewall to the ESB to allow other applications and services to query for firewall rules in place by tag. For example, this allows the VPCP web app to query the firewall for all firewall rule exceptions associated with a specific VPC.

  • IT Architecture

10

Identity Management (IDM) Service

ESB/Web Service

Exposes the Role and RoleAssignment objects to create IDM roles for new AWS accounts from the autoprovisioning process and add users into those roles.

  • UIT Integration

  • UIT Identity Managment

11

Lightweight Directory Service (LDS) Service

ESB/Web Service

This service exposes operations to query, create, update, and delete LDS groups to support the autoprovisioning process. LDS groups are required to implement some aspects of role and distribution list membership and must be created in coordination with the NetIQ role creation.

  • IT Architecture

12

ServiceNow Service

ESB/Web Service

Exposes the ServiceNow Incident object and a couple specific ServiceNow request objects: FirewallRule and ElasticIp. Incident operations can be invoked from the AWS Account Service's autoprovisioning process when it encounters errors and request operations are invoked from the VPCP web app to implement ElasticIp and FirewallRule features.

  • UIT Integration

  • UIT ITSMO

13

PeopleSoft Service (enhancements)

ESB/Web Service

The PeopleSoft Service needs to have support for an additional object added for this project essentially to validate a speedtype. As a validation operation, this is query only. This is used from applications like the AWS Account Service, VPCP web app, and ServiceNow form to validate speedtype input and also validate stored speedtypes on a regular interval as speedtypes expire. This ensures that we have a valid billing speedtype for all AWS accounts.

  • UIT Integration

  • LITS Finance & Administration

  • IT Architecture

14

Temporary Key Issuance (TKI) Service

ESB/Web Service

The TKI Service handles requests from the TKI command-line applications to facilitate authentication with Emory login, two-factor authentication, role assumption, and temporary key issuance.

  • IT Architecture

15

Temporary Key Issuance (TKI) Client

ESB/Web Service

Emory needs command-line applications for Windows, MacOS, and Linux to interact wtih Emory Login and AWS STS to issue and manage temporary API keys.

  • IT Architecture

16

E-mail Address Validation Service

ESB/Web Service

Validates whether or not e-mail addresses exist and if e-mail can be delivered to them. This service presently uses the Neverbounce commercial e-mail validation API. The AWS VPC and Account Provisioining process invokes this service to determine if the next set of distribution lists pre-provisioned by the Messaging Team actually exist and work. It also calls this API to count the distribution list inventory and alert the Messaging Team if the inventory is running low by creating a ServiceNow request or incident. This is all necessary, because the Messaging Team reports that the creation of Office365 distribution lists cannot presently be automated reliably.

  • IT Architecture

17

Emory AWS Service Landing Page

Web App

This is the main launch page for the Emory AWS Research service to help users sign up for the service, log in to the AWS console and VPCP application, and otherwise explore the service, its features, and restrictions

  • IT Architecture

18

VPC Provisioning and Management Web App

Web App

Provides views into account and VPC metadata for customers and LITS administrators and provides a user interface to manage account administrator role membership, Emory Elastic IPs, and firewall rules. The VPCP web app also provides a user interface to invoke the VPC and account provisioning process for LITS administrators to develop and test the provisioning process. End users will invoke the provisioning process through a ServiceNow request form that should also display for them the status of this process in a detailed and clean interface. If not, ServiceNow can also consume the VPCP web app provisioning view.

  • IT Architecture

Specific Code Projects (33)

In order to implement these applications and services, Emory developed the following software:

ID

Name

Files

Lines of Code

Percentage of Total Code

Emory Repo Location / RHEDcloud Repo Location

Description

Apps/Services

Team(s)

Developers

git-shortlog-sn

  • Consultants

External Dependencies

ID

Name

Files

Lines of Code

Percentage of Total Code

Emory Repo Location / RHEDcloud Repo Location

Description

Apps/Services

Team(s)

Developers

git-shortlog-sn

  • Consultants

External Dependencies

1

Emory AWS Research Service Account-Level CloudFormation Template and Tests

48

8,795

  1. 77%

https://bitbucket.org/itarch/emory-aws-rs-account-cfn /

Paul Petersen





Provides an AWS CloudFormation template that will setup IAM Roles, IAM Policies, and AWS CloudTrails within an AWS account.  The AwsAccountServices deploys this template as part of provisioning a new AWS account.

In addition to the AWS CloudFormation template, this repository also contains a test suite used to verify the structure and functionality after the template has been deployed.

  • VPC CloudFormation Templates

  • EASI Infratructure

  • IT Architecture

152=Zach-Cox

87=Paul-Petersen

87=Stephen-Wheat

43=Josh-VanderLinden*

25=Tom-Cervenka

24=Tod-Jackson

21=Joel-Burke

20=Bruce-Anderson-II

15=Yannan-Lu

9=Circe-Tsui

5=Jamalh-Lagrone

1=Ryan-Hewett

  1. Boto3 (Apache 2.0)

  2. pytest (MIT)

  3. pytest-mock (MIT)

  4. pytest-cov (MIT)

  5. redis-py (MIT)

2

Emory AWS VPC Type 1 CloudFormation Template and Tests

96

5,894

  1. 18%

https://bitbucket.org/itarch/emory-aws-vpc-type1-cfn /

Paul Petersen

Provides an AWS CloudFormation template that will setup a Type1 VPC and associated networking within an account.  This includes subnets, route tables, customer gateways, and VPN connections.  

The AwsAccountService deploys this template as part of provisioning a new Type1 VPC.

In addition to the AWS CloudFormation template, this repository also contains a test suite used to verify the structure and functionality after the template has been deployed.

  • VPC CloudFormation Templates

  • EASI Infratructure

  • IT Architecture

72=Paul-Petersen

67=Josh-VanderLinden*

49=Stephen-Wheat

21=Circe-Tsui

15=Zach-Cox

13=Yannan-Lu

12=Joel- Burke

7=Bruce-Anderson-II

6=Jamalh Lagrone

5=Tod-Jackson

5=Tom-Cervenka

3=Ryan-Hewett

  1. Boto3 (Apache 2.0)

  2. pytest (MIT)

  3. pytest-mock (MIT)

  4. pytest-cov (MIT)

  5. pytest-xdist (MIT)

  6. redis-py (MIT)

3

Emory AWS VPC Type 2 CloudFormation Template and Tests

96

5,223

  1. 05%

https://bitbucket.org/itarch/emory-aws-vpc-type2-cfn /



Paul Petersen

Provides an AWS CloudFormation template that will setup a Type2 VPC and associated networking within an account.  This includes subnets, route tables, customer gateways, and VPN connections.  

This AwsAccountService will deploy this template as part of provisioning a new Type2 VPC.

In addition to the AWS CloudFormation template, this repository contains a test suite used to verify the structure and functionality after the template has been deployed.

  • VPC CloudFormation Templates

  • EASI Infratructure

  • IT Architecture

49=Ryan-Hewett

41=Joel-Burke

41=Yannan-Lu

22=Josh-VanderLinden*

22=Paul-Petersen

17=Chris-Riddle

4=Stephen-Wheat

3=Zach-Cox



  1. Boto3 (Apache 2.0)

  2. pytest (MIT)

  3. pytest-mock (MIT)

  4. pytest-cov (MIT)

  5. redis-py (MIT)

4

Emory Firewall VPC CloudFormation Template and Tests

102

6,287

  1. 26%

https://bitbucket.org/itarch/emory-aws-vpc-firewall-cfn /

Paul Petersen

Provides a set of AWS CloudFormation templates that will setup a transit firewall VPC and a pair of firewalls within an account.  

  • VPC CloudFormation Templates

  • EASI Infratructure

  • IT Architecture

33=Paul-Petersen

30=Yannan-Lu

23=Ryan-Hewett

21=Joel-Burke

7=Chris-Riddle

4=Josh-VanderLinden*

3=Stephen-Wheat

  1. Boto3 (Apache 2.0)

  2. pytest (MIT)

  3. pytest-mock (MIT)

  4. pytest-cov (MIT)

  5. redis-py (MIT)

5

Emory AWS Service Control Policies and Tests for Standard Accounts

144

44,591

  1. 96%

https://bitbucket.org/itarch/emory-aws-org-standard-scp /



Paul Petersen

Provides a Service Control Policy for a Standard account.

In addition to the Service Control Policy, this repository contains a test suite to verify functionality of the Service Control Policy.

  • Service Control Policies

  • EASI Infratructure

  • IT Architecture

347=Josh-VanderLinden*

276=Dwight-Bell*

65=Don-Boots*

64=Andrew-Udvare*

22=Paul-Petersen

21=Stephen-Wheat

6=Zach-Cox

3=Tom-Cervenka

1=George-Wang*



  1. Boto3 (Apache 2.0)

  2. pytest (MIT)

  3. pytest-mock (MIT)

  4. pytest-cov (MIT)

  5. redis-py (MIT)

6

Emory AWS Service Control Policies and Tests for HIPAA Accounts

4

599

  1. 12%

https://bitbucket.org/itarch/emory-aws-org-hipaa-scp /

Paul Petersen

Provides a Service Control Policy for a HIPAA account.

In addition to the Service Control Policy, this repository contains a test suite to verify functionality of the Service Control Policy.

  • Service Control Policies

  • EASI Infratructure

  • IT Architecture

33=Josh-VanderLinden*

15=Dwight-Bell*

6=Don-Boots*

2=Paul-Petersen

  1. Boto3 (Apache 2.0)

  2. pytest (MIT)

  3. pytest-mock (MIT)

  4. pytest-cov (MIT)

  5. redis-py (MIT)

7

Common Pipeline Scripts and Foundation Components

25

4,604

  1. 93%

https://bitbucket.org/itarch/emory-aws-pipeline-scripts /

Paul Petersen and Tom Cervenka

Provides a set of scripts used for deploying and managing software pipelines.  Several of the scripts in this repository, can also be used for deployment and maintenance on accounts directly.



  • VPC CloudFormationTemaplates

  • Web Services

  • Web Applications



  • EASI Infratructure

  • IT Architecture

30=Josh-VanderLinden*

15=Tom-Cervenka

11=Stephen-Wheat

2=Steve-Brodeur*

1=Henry-Lai*

  1. Boto3 (Apache 2.0)

  2. pytest (MIT)

  3. pytest-mock (MIT)

  4. pytest-cov (MIT)

  5. redis-py (MIT)

8

Common Test Foundation Components for Python Tests of VPC and SCP CloudFormation Templates

97

14,778

  1. 97%

https://bitbucket.org/itarch/emory-aws-python-testutils /

Paul Petersen

Provides a set of common functions that are used by tests across repositories.  Additionally, this repository provides some reporting functions.

  • VPC CloudFormation Templates

  • Service Control Policies

  • EASI Infratructure

  • IT Architecture

199=Josh-VanderLinden*

55=Dwight-Bell*

39=Tom-Cervenka

17=George-Wang*

15=Paul-Petersen

4=Stephen-Wheat

2=Don-Boots*

1=Andrew-Udvare*

1=Ryan-Hewett

1=Zach-Cox

1=Bruce-Anderson-II

  1. Boto3 (Apache 2.0)

  2. pytest (MIT)

  3. pytest-mock (MIT)

  4. pytest-cov (MIT)

  5. redis-py (MIT)

9

AWS Message Object API (MOA)

377

66,587

13.38%

http://bitbucket.org/itarch/aws-moas /

George Wang





  • IT Architecture

80=Stephen-Wheat

15=George-Wang*

4=Tom-Cervenka

2=Tod-Jackson



10

Emory AWS Account Service

1,144

82,690

16.62%

http://bitbucket.org/itarch/emory-aws-account-service /

Steve Wheat

Exposes AWS API calls to the ESB for AccountAlias, AccountOrganizationMembership, CloudFormation Stack, SamlProvider, Peering, and Route. Exposes Emory's metadata store for Account and VirtualPrivateCloud. Implements the VirtualPrivateCloud and Account provisioning orchestration.

  • VPCP Web App

  • Account Provisioning

  • TKI Service/Client

  • SRD Service

  • IT Architecture

135=Stephen-Wheat

111=George-Wang*

16 Jonathan Blackie*

14 Tod Jackson

  1. aws-java-sdk-1.11.470 (Apache

    1. 0)

  2. aws-moa (Emory)

  3. emory-moa-1.2 (Emory)

  4. servicenow-moa (Emory)

  5. commons-io-2.5 (Apache 2.0)

  6. commons-net-3.6 (Apache 2.0)

  7. commons-validator-1.4.0 (Apache 2.0)

  8. httpclient-4.5.3 (Apache 2.0)

  9. jdom (Apache license with attribution clause removed)

  10. jms-1.1 (CDDL)

  11. log4j-1.2.15 (Apache 2.0)

  12. openeai-core (LGPL)

  13. openeai-utils (LGPL)

  14. xpp3-1.1.4c (Looks like Apache 1.0 derivative)

  15. JavaMail (CCDL and GPL with classpath exception)

  16. xstream-1.4.10 (BSD)

11

Emory AT&T Netbond Service

13

2,503

  1. 50%

http://bitbucket.org/itarch/emory-att-netbond-service /



Tod Jackson





Exposes the AT&T NetBond API for provisioning a VLAN for DirectConnect to the ESB, so that it can be invoked from the AWS Account Service provisioning orchestration and other appropriate contexts.

Note: this service has been obsoleted and replaced by the Network Ops Service and Cisco ASR service with the move from AWS DirectConnect to site-to-site VPN.

Obsolete, was invoked by:

  • Account Provisioning

  • VPCP Web App

  • IT Architecture

9=Tod-Jackson

1=Stephen-Wheat

  1. att-moa (Emory)

  2. commons-logging-1.2 (Apache 2.0)

  3. gnu-regexp-1.1.4 (LGPL)

  4. httpclient-4.5.4 (Apache 2.0)

  5. httpcore-4.4.7 (Apache 2.0)

  6. javax.json (JAVAEE)

  7. javax.ws.rs-api-2.1 (JAVAEE)

  8. jdom (Apache license with attribution clause removed)

  9. jersey (Jersey)

  10. jms-1.1 (CDDL)

  11. log4j-1.2.15 (Apache 2.0)

  12. JavaMail (CCDL and GPL with classpath exception)

  13. openeai-core (LGPL)

  14. openeai-utils (LGPL)

12

Emory Security Risk Detection Service

500

49,306

  1. 91%

http://bitbucket.org/itarch/emory-aws-srd-service /

https://bitbucket.org/rhedcloud/rhedcloud-srd-service





  • IT Architecture

196=Henry-Lai*

146=Kevin-Hale-Boyes*

1=Stephen-Wheat



  1. aws-java-sdk-1.11.482 (Apache

    1. 0)

  2. aws-moa (Emory)

  3. emory-moa-1.0.0-20 (Emory)

  4. commons-logging-1.2 (Apache 2.0)

  5. gnu-regexp-1.1.4 (LGPL)

  6. httpclient-4.5.5 (Apache 2.0)

  7. httpcore-4.4.9 (Apache 2.0)

  8. commons-codec-1.10 (Apache 2.0)

  9. jdom (Apache license with attribution clause removed)

  10. jms-1.1 (CDDL)

  11. javax.mail-1.6.0 (JAVAEE)

  12. openeai-core (LGPL)

  13. openeai-utils (LGPL)

  14. openii (LGPL)

  15. log4j-1.2.17 (Apache 2.0)

  16. jackson-core-2.6.7 (Apache 2.0)

  17. jackson-databind-2.6.7.2 (Apache 2.0)

  18. jackson-annotations-2.6.0 (Apache 2.0)

  19. jackson-dataformat-cbor-2.6.7 (Apache 2.0)

  20. joda-time-2.8.1 (Apache 2.0)

  21. netty-handler-4.1.17.Final (Apache 2.0)

  22. netty-buffer-4.1.17.Final (Apache 2.0)

  23. netty-common-4.1.17.Final (Apache 2.0)

  24. netty-transport-4.1.17.Final (Apache 2.0)

  25. netty-resolver-4.1.17.Final (Apache 2.0)

  26. netty-codec-4.1.17.Final (Apache 2.0)

  27. netty-codec-http-4.1.17.Final (Apache 2.0)

  28. jmespath-java-1.11.482 (Apache 2.0)

  29. ion-java-1.0.2 (Apache 2.0)

13

Emory Cisco ASR Service

65

11,895

  1. 39%

http://bitbucket.org/itarch/emory-cisco-asr-service /

https://bitbucket.org/rhedcloud/rhedcloud-ciscoasr-service/src/master/





  • IT Architecture

199=Steve-Brodeur*
28=Stephen-Wheat
5=George-Wang*

  1. aws-java-sdk-1.11.482 (Apache

    1. 0)

  2. aws-java-sdk-secretsmanager-1.11.482 (Apache

    1. 0)

  3. emory-moa-1.0.0 (Emory)

  4. ganymed-ssh2-262 (BSD-3)

  5. jdom (Apache license with attribution clause removed)

  6. jnc-1.0 (Apache 2.0)

  7. log4j-1.2.15 (Apache 2.0)

  8. openeai-core (LGPL)

  9. openeai-utils (LGPL)

  10. openii (LGPL)

14

Emory Network Operations Service

83

12,122

  1. 47%

http://bitbucket.org/itarch/emory-network-ops-service /

https://bitbucket.org/rhedcloud/rhedcloud-network-ops-service/src/master/





  • IT Architecture

236=Steve=Brodeur*

30=George-Wang*

1=Henry-Lai*

1=Stephen-Wheat

  1. commons-lang-2.6 (Apache 2.0)

  2. emory-moa-1.0.0 (Emory)

  3. hibernate3 (LGPL)

  4. jdom (Apache license with attribution clause removed)

  5. log4j-1.2.15 (Apache 2.0)

  6. openeai-core (LGPL)

  7. openeai-utils (LGPL)

  8. openii-1.0 (LGPL)

15

Base Docker Image for AWS Python Tests

2

21

  1. 00%

http://bitbucket.org/itarch/emory-docker-aws-pytest-base /

George Wang - no need for Emory deploy only just migration—see instructions





  • EASI Infrastructure

  • IT Architecture

14=Josh-VanderLinden*



16

Base Docker Image for Emory ESB Service

2

21

  1. 00%

http://bitbucket.org/itarch/emory-docker-esb-service-base /

George Wang - no need for Emory deploy only just migration—see instructions





  • IT Architecture

36=Stephen-Wheat

1=Jonathan-Blackie*

1=Kevin-Hale-Boyes*



17

Base Docker Image for Emory Web Apps

2

21

  1. 00%

http://bitbucket.org/itarch/emory-docker-webapp-base /

George Wang - no need for Emory deploy only just migration—see instructions





  • IT Architecture

12=Stephen-Wheat



18

Emory Elastic IP Service

871

3,849

  1. 77%

http://bitbucket.org/itarch/emory-elasticip-service /



George Wang





  • IT Architecture

79=George-Wang*

4=Stephen-Wheat

  1. aws-java-sdk-1.11.470 (Apache

    1. 0)

  2. aws-moa (Emory)

  3. emory-moa-1.2 (Emory)

  4. servicenow-moa (Emory)

  5. commons-io-2.5 (Apache 2.0)

  6. commons-net-3.6 (Apache 2.0)

  7. commons-validator-1.4.0 (Apache 2.0)

  8. httpclient-4.5.3 (Apache 2.0)

  9. jdom (Apache license with attribution clause removed)

  10. jms-1.1 (CDDL)

  11. log4j-1.2.15 (Apache 2.0)

  12. openeai-core (LGPL)

  13. openeai-utils (LGPL)

  14. xpp3-1.1.4c (Looks like Apache 1.0 derivative

  15. JavaMail (CCDL and GPL with classpath exception)

  16. xstream-1.4.10 (BSD)

19

Emory E-mail Validation Service

24

2,660

  1. 53%

http://bitbucket.org/itarch/emory-email-validation-service /

https://bitbucket.org/rhedcloud/rhedcloud-email-validation-service





  • IT Architecture

81=Kevin-Hale-Boyes*

5=George-Wang*

1=Henry-Lai*

1=Stephen-Wheat

  1. emory-moa-1.0.0-65 (Emory)

  2. commons-logging-1.2 (Apache 2.0)

  3. gnu-regexp-1.1.4 (LGPL)

  4. httpclient-4.5.4 (Apache 2.0)

  5. httpcore-4.4.7 (Apache 2.0)

  6. javax.json-1.1.2 (JAVAEE)

  7. javax.json-api-1.1.2 (JAVAEE)

  8. javax.ws.rs-api-2.1 (JAVAEE)

  9. jdom (Apache license with attribution clause removed)

  10. jersey-bundle-1.17 (Jersey)

  11. jersey-client-2.26 (Jersey)

  12. jersey-common-2.26 (Jersey)

  13. jersey-container-servlet-core-2.26 (Jersey)

  14. jersey-container-servlet-2.26 (Jersey)

  15. jersey-hk2-2.26 (Jersey)

  16. jersey-media-jaxb-2.26 (Jersey)

  17. jersey-media-json-binding-2.26 (Jersey)

  18. jersey-media-sse-2.26 (Jersey)

  19. jersey-server-2.26 (Jersey)

  20. jms-1.1 (CDDL)

  21. log4j-1.2.15 (Apache 2.0)

  22. openeai-core (LGPL)

  23. openeai-utils (LGPL)

  24. openii (LGPL)

  25. neverbounce-api-java-4.0.4 (MIT)

  26. google-http-client-1.23.0 (Apache 2.0)

  27. google-http-client-gson-1.23.0 (Apache 2.0)

  28. gson-2.8.2 (Apache 2.0)

  29. slf4j-api-1.7.25 (X11)

20

Emory Firewall Service

17

3,389

  1. 68%

http://bitbucket.org/itarch/emory-firewall-service /

https://bitbucket.org/rhedcloud/rhedcloud-firewall-service





  • IT Architecture

29=Henry-Lai*

1=Stephen-Wheat

1=Tod-Jackson



21

Emory IDM Service

22

8,772

  1. 19%

https://svn.service.emory.edu/repos/emoryoit/project/emory-idm-service /

Richard Xing





  • UIT Integration

  • UIT Identity Managment

Richard Xing

  1. ResourceService-test-client (NetIQ)

  2. RoleService-test-client (NetIQ)

  3. emory-moa-1.2 (Emory)

  4. commons-io-2.1 (Apache

    1. 0)

  5. common-codec-1.3 (Apache

    1. 0)

  6. commons-lang-2.6 (Apache

    1. 0)

  7. commons-cli-1.2 (Apache

    1. 0)

  8. commons-logging-1.1.1 (Apache

    1. 0)

  9. httpclient-4.5.2 (Apache

    1. 0)

  10. httpcore-4.4.4 (Apache

    1. 0)

  11. httpcore-ab-4.4.5 (Apache

    1. 0)

  12. json-simple (Apache

    1. 0)

  13. dom4j (BSD Style license)

  14. saaj (Apache

    1. 0)

  15. jdom (Apache license with attribution clause removed)

  16. jms-1.1 (CDDL)

  17. log4j-1.2.15 (Apache

    1. 0)

  18. openeai-core (LGPL)

  19. openeai-utils (LGPL)

  20. JavaMail (CCDL and GPL with classpath exception)

  21. Axiom-api-1.2.20 (Apache

    1. 0)

  22. Axiom-dom-1.2.20 (Apache

    1. 0)

  23. Axis2-adb-1.7.4 (Apache

    1. 0)

  24. Axis2-codegen-1.7.4 (Apache

    1. 0)

  25. Axis2-adb-1.7.4 (Apache

    1. 0)

  26. Axis2-java2wsdl-1.7.4 (Apache

    1. 0)

  27. Axis2-jaxws-1.7.4 (Apache

    1. 0)

  28. Axis2-kernel-1.7.4 (Apache

    1. 0)

  29. Axis2-metadata-1.7.4 (Apache

    1. 0)

  30. Axis2-saaj-1.7.4 (Apache

    1. 0)

  31. Axis2-transport-http-1.7.4 (Apache

    1. 0)

  32. Axis2-transport-base-1.7.4 (Apache

    1. 0)

  33. Axis2-xmlbeans-1.7.4 (Apache

    1. 0)

  34. Axis2-adb-1.7.4 (Apache

    1. 0)

22

Emory LDS Service

28

4,662

  1. 94%

http://bitbucket.org/itarch/emory-lds-service /

https://bitbucket.org/rhedcloud/rhedcloud-lds-service





  • IT Architecture

89=Kevin-Hale-Boyes*

1=Henry-Lai*

1=Tod-Jackson

1=Tom-Cervenka

1=George-Wang*

  1. emory-moa-1.0.0-91 (Emory)

  2. commons-logging-1.2 (Apache 2.0)

  3. gnu-regexp-1.1.4 (LGPL)

  4. api-all-1.0.0 (Apache 2.0)

  5. mina-core-2.0.16 (Apache 2.0)

  6. commons-collections-3.2.2 (Apache 2.0)

  7. commons-pool-1.6 (Apache 2.0)

  8. antlr-2.7.7 (BSD)

  9. jdom (Apache license with attribution clause removed)

  10. jms-1.1 (CDDL)

  11. log4j-1.2.17 (Apache 2.0)

  12. javax.mail-1.6.0 (JAVAEE)

  13. openeai-core (LGPL)

  14. openeai-utils (LGPL)

  15. openii (LGPL)

23

Emory Message Object API (MOA)

1,834*

89,621*

4,481

(net new)

  1. 90%

http://bitbucket.org/itarch/emory-moas

George Wang





  • IT Architecture

  • UIT Integration

49=Stephen-Wheat

24=George-Wang*

7=Kevin-Hale-Boyes*

5 Joel Burke

4 Joseph Banta*

3 Tom Cervenka



24

Emory TKI Client

43

1,653

  1. 33%

http://bitbucket.org/itarch/emory-tki-cli-client /

https://bitbucket.org/rhedcloud/rhedcloud-tki-cli-client

Emory needs command-line applications for Windows, MacOS, and Linux to interact wtih Emory Login and AWS STS to issue and manage temporary API keys.

  • Customer Administrators

  • Auditors

  • LITS Central Administrators

  • IT Architecture

113=Aaron-Miller*

50=Henry-Lai*

1=Kevin-Hale-Boyes*

  1. groovy:2.4.15 (Apache 2.0)

  2. spring-boot-starter (Apache 2.0)

  3. text-io:1.1.0 (Apache 2.0)

  4. ini4j:0.5.4 (Apache 2.0)

  5. commons-cli:1.4 (Apache 2.0)

  6. aws-java-sdk-secretsmanager:1.11.461 (Apache 2.0)

  7. aws-java-sdk-s3:1.11.461 (Apache 2.0)

  8. commons-compress:1.18 (Apache 2.0)

  9. axiom-api-1.2.9 (Apache 2.0)

  10. axis2-adb-1.5.2 (Apache 2.0)

  11. axiom-impl-1.2.9 (Apache 2.0)

  12. axis2-kernel-1.5.2 (Apache 2.0)

  13. axis2-transport-http-1.5.2 (Apache 2.0)

  14. axis2-transport-local-1.5.2 (Apache 2.0)

  15. commons-codec-1.11 (Apache 2.0)

  16. commons-httpclient-3.1 (Apache 2.0)

  17. mail

  18. neethi-2.0.4 (Apache 2.0)

  19. wsdl4j-1.6.2 (CPL 1.0)

  20. XmlSchema-1.4.3 (Apache 2.0)

  21. emory-tkiservice-webservice-1.0-client-classes (Emory)

  22. emory-tkiservice-webservice-1.0-wsdl-classes (Emory)

  23. izpack-ant:5.1.3 (Apache 2.0)

25

Emory TKI Service

26

4,826

  1. 97%

http://bitbucket.org/itarch/emory-tki-service /

https://bitbucket.org/rhedcloud/rhedcloud-tki-service

The TKI Service handles requests from the TKI command-line applications to facilitate authentication with Emory login, two-factor authentication, role assumption, and temporary key issuance.

  • TKI Client

  • VPCP Web App (coming soon)

  • IT Architecture

121=Joseph-Banta*

48=Kevin-Hale-Boyes*

29=Stephen-Wheat

11=George-Wang*

9=Henry-Lai*

2=Aaron-Miller*

  1. aws-moa (Emory)

  2. emory-moa-1.2 (Emory)

  3. commons-logging-1.2 (Apache 2.0)

  4. commons-lang3-3.7 (Apache 2.0)

  5. commons-lang-2.6 (Apache 2.0)

  6. gnu-regexp-1.0.8 (LGPL)

  7. httpclient-4.5.5 (Apache 2.0)

  8. httpcore-4.4.9 (Apache 2.0)

  9. commons-codec-1.11 (Apache 2.0)

  10. jsoup-1.11.3 (MIT)

  11. jackson-core-2.6.7 (Apache 2.0)

  12. jackson-databind-2.6.7.1 (Apache 2.0)

  13. jackson-annotations-2.6.0 (Apache 2.0)

  14. jackson-dataformat-cbor-2.6.7 (Apache 2.0)

  15. jackson-dataformat-xml-2.6.7 (Apache 2.0)

  16. aws-java-sdk-1.11.351

  17. joda-time-2.8.1 (Apache 2.0)

  18. duo-client-0.2.2 (DUO LICENSE)

  19. org.json-chargebee-1.0 (MIT)

  20. okhttp-2.7.5 (Apache 2.0)

  21. okio-1.14.1 (Apache 2.0)

  22. hibernate3-3.6.2 (LGPL)

  23. hibernate-jpa-2.0-api-1.0.0.Final (LGPL)

  24. hsqldb-2.2.9 (BSD-ish)

  25. javassist-3.12.0.GA (LGPL)

  26. dom4j-1.6.1 (BSD style)

  27. c3p0-0.9.1 (LGPL)

  28. commons-collections-3.1 (Apache 2.0)

  29. jdom (Apache license with attribution clause removed)

  30. jms-1.1 (CDDL)

  31. log4j-1.2.15 (Apache 2.0)

  32. openeai-core (LGPL)

  33. openeai-utils (LGPL)

26

Emory AWS Service Landing Page

51

11,003

  1. 21%

http://bitbucket.org/itarch/emory-vpcplanding-webapp /



https://bitbucket.org/rhedcloud/rhedcloud-vpcplanding-webapp/src/master/



  • AWS Service

  • IT Architecture

83=Tod-Jackson

27=Stephen-Wheat

4=Tom-Cervenka

  1. aws-moa (Emory)

  2. emory-moa (Emory)

  3. gwt-jackson-0.15.2 (Apache 2.0)

  4. gwt-servlet (GWT)

  5. gwtbootstrap3 (Apache 2.0)

  6. hk2-api-2.5.0-b42 (CDDL)

  7. hk2-locator-2.5.0-b42 (CDDL)

  8. hk2-utils-2.5.0-b42 (CDDL)

  9. javax.annotation-api-1.2 (JAVAEE)

  10. javax.inject-1 (JAVAEE)

  11. javax.json-1.1.2 (JAVAEE)

  12. javax.json-api-1.1.2 (JAVAEE)

  13. javax.json.bind-api-1.0 (JAVAEE)

  14. javax.ws.rs-api-2.1 (JAVAEE)

  15. jdom (Apache license with attribution clause removed)

  16. jersey-client (Jersey)

  17. jersey-common  (Jersey)

  18. jersey-container-servlet-core (Jersey)

  19. jersey-container-servlet (Jersey)

  20. jersey-hk2 (Jersey)

  21. jersey-media-jaxb (Jersey)

  22. jersey-media-json-binding (Jersey)

  23. jersey-media-sse (Jersey)

  24. jersey-server (Jersey)

  25. jms-1.1 (CDDL)

  26. log4j-1.2.15 (Apache 2.0)

  27. JavaMail (CCDL and GPL with classpath exception)

  28. openeai-core (LGPL)

  29. openeai-utils (LGPL)

  30. restygwt-2.2.0 (Apache 2.0)

  31. validation-api-1.1.0.RELEASE (Apache 2.0)

27

Emory VPCP Web Application

457

77,499

15.58%

http://bitbucket.org/itarch/emory-vpcprovisioning-webapp /



https://bitbucket.org/rhedcloud/rhedcloud-vpcprovisioning-webapp/src/master/



  • AWS Service

  • NetworkOps Service

  • SRD Service

  • ElasticIP Service

  • IDM Service

  • Directory Service

  • Identity Service

  • PeopleSoft Service

  • Firewall Service

  • Service Now Service

  • IT Architecture

226=Tod-Jackson

6=Stephen-Wheat

  1. aspectjrt-1.8.2 (EPL)

  2. aspectjweaver (EPL)

  3. aws-java-sdk-1.11.406 (Apache

    1. 0)

  4. aws-moa (Emory)

  5. commons-codec-1.10 (Apache 2.0)

  6. commons-logging-1.1.3 (Apache 2.0)

  7. emory-moa (Emory)

  8. freemarker-2.3.9 (Apache 2.0)

  9. gwt-jackson-0.15.2 (Apache 2.0)

  10. gwt-servlet (GWT)

  11. hk2-api-2.5.0-b42 (CDDL)

  12. hk2-locator-2.5.0-b42 (CDDL)

  13. hk2-utils-2.5.0-b42 (CDDL)

  14. httpclient-4.5.3 (Apache 2.0)

  15. httpcore-4.4.9 (Apache 2.0)

  16. ion-java-1.0.2 (Apache 2.0)

  17. jackson-annotations-2.6.0 (Apache 2.0)

  18. jackson-core-2.6.7 (Apache 2.0)

  19. jackson-databind-2.6.7.1 (Apache 2.0)

  20. javax.annotation-api-1.2 (JAVAEE)

  21. javax.inject-1 (JAVAEE)

  22. javax.json-1.1.2 (JAVAEE)

  23. javax.json-api-1.1.2 (JAVAEE)

  24. javax.json.bind-api-1.0 (JAVAEE)

  25. javax.mail-api-1.4.6 (JAVAEE)

  26. javax.ws.rs-api-2.1 (JAVAEE)

  27. jdom (Apache license with attribution clause removed)

  28. jersey-client (Jersey)

  29. jersey-common  (Jersey)

  30. jersey-container-servlet-core (Jersey)

  31. jersey-container-servlet (Jersey)

  32. jersey-hk2 (Jersey)

  33. jersey-media-jaxb (Jersey)

  34. jersey-media-json-binding (Jersey)

  35. jersey-media-sse (Jersey)

  36. jersey-server (Jersey)

  37. jmespath-java-1.11.406 (Apache 2.0)

  38. jms-1.1 (CDDL)

  39. joda-time-2.8.1 (Apache 2.0)

  40. log4j-1.2.15 (Apache 2.0)

  41. JavaMail (CCDL and GPL with classpath exception)

  42. netty-buffer-4.1.17.Final (Apache 2.0)

  43. netty-codec-4.1.17.Final (Apache 2.0)

  44. netty-codec-http-4.1.17.Final (Apache 2.0)

  45. netty-common-4.1.17.Final (Apache 2.0)

  46. netty-handler-4.1.17.Final (Apache 2.0)

  47. netty-resolver-4.1.17.Final (Apache 2.0)

  48. netty-transport-4.1.17.Final (Apache 2.0)

  49. openeai-core (LGPL)

  50. openeai-utils (LGPL)

  51. paloaltonetworks-moa (Emory)

  52. peoplesoft-moa (Emory)

  53. restygwt-2.2.0 (Apache 2.0)

  54. servicenow-moa (Emory)

  55. spring-beans-3.0.7.RELEASE (Apache 2.0)

  56. spring-context-3.0.7.RELEASE (Apache 2.0)

  57. spring-core-3.0.7.RELEASE (Apache 2.0)

  58. spring-test-3.0.7.RELEASE (Apache 2.0)

  59. validation-api-1.1.0.RELEASE (Apache 2.0)

28

Emory VPC Tests and Test Automation

5

308

  1. 06%

http://bitbucket.org/itarch/emory-vpcplanding-webtest /

Namrata Kakade





  • IT Architecture

21=John-Chesshir*

1=Zachary-Zelazo-Kessler



29

Emory VPCP Testing Common Test Foundation

26

3,472

  1. 70%

http://bitbucket.org/itarch/emory-vpcp-webtest-common /

Namrata Kakade

Common Selenium and SauceLabs test foundation and tools for web applications.

  • Emory AWS Landing Page

  • VPCP Web App

  • IT Architecture

95=Zachary-Zelazo-Kessler

67=John-Chesshir



30

Palo Alto Networks Message Object API (MOA)

120

46,694

  1. 38%

http://bitbucket.org/itarch/paloaltonetworks-moa

George Wang

Models the Firewall data and implements the OpenEAI message object functions for service-oriented architecture and integration.

  • Firewall Service

  • VPCP Web App

  • IT Architecture

7=Stephen-Wheat



31

Emory ServiceNow Service

22

12,419

  1. 09%

https://svn.service.emory.edu/repos/emoryoit/project/emory-swervicenow-gateway/2.0

Richard Xing

Exposes the ServiceNow Incident object and a couple specific ServiceNow request objects: FirewallRule and ElasticIp. Incident operations can be invoked from the AWS Account Service's autoprovisioning process when it encounters errors and request operations are invoked from the VPCP web app to implement ElasticIp and FirewallRule features.

  • Account Provisioning

  • VPCP Web App

  • ElasticIp Service

  • UIT Integration

  • UIT ITSMO

Richard Xing

  1. FirewallExceptionRequest-test-client (ServiceNow)

  2. Incident-test-client (ServiceNow)

  3. Elasticip-test-client (ServiceNow)

  4. servicenow-moa-1.2 (Emory)

  5. commons-io-2.1 (Apache

    1. 0)

  6. common-codec-1.3 (Apache

    1. 0)

  7. commons-lang-2.6 (Apache

    1. 0)

  8. commons-cli-1.2 (Apache

    1. 0)

  9. commons-logging-1.1.1 (Apache

    1. 0)

  10. httpclient-4.5.2 (Apache

    1. 0)

  11. httpcore-4.4.4 (Apache

    1. 0)

  12. httpcore-ab-4.4.5 (Apache

    1. 0)

  13. dom4j (BSD style license)

  14. saaj (Apache

    1. 0)

  15. jdom (Apache license with attribution clause removed)

  16. jms-1.1 (CDDL)

  17. log4j-1.2.15 (Apache

    1. 0)

  18. openeai-core (LGPL)

  19. openeai-utils (LGPL)

  20. JavaMail (CCDL and GPL with classpath exception)

  21. Axiom-api-1.2.20 (Apache

    1. 0)

  22. Axiom-dom-1.2.20 (Apache

    1. 0)

  23. Axis2-adb-1.7.4 (Apache

    1. 0)

  24. Axis2-codegen-1.7.4 (Apache

    1. 0)

  25. Axis2-adb-1.7.4 (Apache

    1. 0)

  26. Axis2-java2wsdl-1.7.4 (Apache

    1. 0)

  27. Axis2-jaxws-1.7.4 (Apache

    1. 0)

  28. Axis2-kernel-1.7.4 (Apache

    1. 0)

  29. Axis2-metadata-1.7.4 (Apache

    1. 0)

  30. Axis2-saaj-1.7.4 (Apache

    1. 0)

  31. Axis2-transport-http-1.7.4 (Apache

    1. 0)

  32. Axis2-transport-base-1.7.4 (Apache

    1. 0)

  33. Axis2-xmlbeans-1.7.4 (Apache

    1. 0)

  34. Axis2-adb-1.7.4 (Apache

    1. 0)























32

Emory PeopleSoft Service (enhancements only for this project)

23*

4,073*

748 (net new)

  1. 15%

https://svn.service.emory.edu:8443/repos/emoryoit/project/openeai-peoplesoft-service

Kelly Bray

Added SpeedChart provider implementations and tests to existing PeopleSoft connector framework

  • Account Provisioning

  • VPCP Web App

  • ServiceNow Request Form

  • UIT Integration

  • EASI Finance & Administration

  • IT Architecture

Kelly Bray

  1. openeai-peoplesoft-service-1.0.jar (Emory)

  2. peoplesoft-moa (Emory)

  3. xstream-1.1.2.jar (BSD)

  4. commons-coedec-1.4.jar (Apache 2.0)

  5. commons-logging-1.2 (Apache 2.0)

  6. httpclient-4.5.3 (Apache 2.0)

  7. jdom (Apache license with attribution clause removed)

  8. jms-1.1 (CDDL)

  9. log4j-1.2.15 (Apache 2.0)

  10. openeai.jar (LGPL)

  11. openeai-utils (LGPL)

  12. jersey-bundle-1.17.jar(CDDL 1.1)

  13. java-json.jar (JSON)

33

Emory AWS Integration Testing Automation

35

4619



https://bitbucket.org/itarch/emory-web-automation/src/master/

Namrada Kakade

  • Added Selenium based web automation framework in Java

  • Added automated test cases for various emory system modules

  • Added integration with SauceLabs to run tests on their infrastructure

  • Emory AWS Landing Page

  • VPCP Web App

  • Emory System Status Page

  • IT Architecture

Namrata Kakade









497,540

99.99%