From 7cb260a70dd22fa841071c05c6f344990cd75519 Mon Sep 17 00:00:00 2001 From: Rob Gil Date: Mon, 13 Jan 2020 20:02:04 -0500 Subject: [PATCH] 170614119 - Adds initial connection lists and architecture doc This adds the initial lists of transient connections (protocols, ports, etc). Also adds listening services and hosts used. --- docs/ATATArchitecture.md | 0 docs/EdgeControls.md | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 32 insertions(+) create mode 100644 docs/ATATArchitecture.md create mode 100644 docs/EdgeControls.md diff --git a/docs/ATATArchitecture.md b/docs/ATATArchitecture.md new file mode 100644 index 00000000..e69de29b diff --git a/docs/EdgeControls.md b/docs/EdgeControls.md new file mode 100644 index 00000000..9f265910 --- /dev/null +++ b/docs/EdgeControls.md @@ -0,0 +1,32 @@ +# Edge Control +This document describes the expected connections and listening services. + +## Transient Connections +| Service | Direction | Ports | Encrypted? | Ciphers | +| --------|-----------|-------|------------|--------------| +| Azure Container Registry | Egress | 443 | Yes | MSFT Managed | +| DOD CRL Service | Egress | 443 | Yes | DOD Managed | +| Azure Storage | Egress | 443 | Yes | MSFT Managed| +| Redis | Egress | 6380 | Yes | MSFT Managed| +| Postgres | Egress | 5432 | Yes | MSFT Managed| + +# Listening Ports / Services +| Service/App | Port | Encrypted? | Accessible | +|-------------|------|------------|--------| +| ATAT App | 80, 443 | Both | Load Balancer Only +| ATAT Auth | 80, 443 | Both | Load Balancer Only + +# Host List +## Dev +| Service| Host | +|--------|------| +| Redis | cloudzero-dev-redis.redis.cache.windows.net | +| Postgres| cloudzero-dev-sql.postgres.database.azure.com | +| Docker Container Registry | cloudzerodevregistry.azurecr.io | + +## Production +| Service | Host | +|---------|------| +| Redis | | +| Postgres| | +| Docker Container Registry | | \ No newline at end of file
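Review bot: docs/ATATArchitecture.md is created empty (0 lines in the diffstat, index 00000000..e69de29b), while the subject line says the patch adds an architecture doc. Either drop the file from this commit and add it together with its content, or include at least a title and a short outline so docs/ does not carry an empty placeholder.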
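Review bot: In the "Listening Ports / Services" table of docs/EdgeControls.md, ATAT App and ATAT Auth are both listed on `80, 443` with Encrypted? set to `Both`, which does not tell a reader whether port 80 carries application traffic in cleartext or only answers with a redirect to 443. Suggest one row per port with the port 80 behaviour stated explicitly. In the same table the two data rows end at `Load Balancer Only` without the closing `|` that the other tables in the file use. The `Ciphers` column holds `MSFT Managed` and `DOD Managed`, which name who manages the TLS configuration rather than any cipher; consider renaming the column or recording the minimum TLS version expected for each connection. `# Listening Ports / Services` and `# Host List` are top-level headings while `## Transient Connections` sits under `# Edge Control`; making them `##` keeps a single document title. The Production host rows are empty, so mark them as TBD so they are not read as "no hosts". The file also ends without a trailing newline.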