For complete details, see our Privacy Policy. This page summarizes controls mapped to common RDA items that reviewers expect to find.
RDA 2.2 – Data Governance
- Data Processor model with purpose limitation and data minimization.
- Records of processing maintained for PII activities.
- Data subject rights processes (access, rectification, deletion, restriction, objection).
- Employee confidentiality obligations and training on Amazon data handling.
- Free tool operates entirely in memory; no at‑rest storage or database writes.
RDA 2.6 – Logging & Monitoring
- Centralized application logging with automated PII redaction.
- Logs include auth events, route access, error conditions, and rate‑limit triggers.
- Security logs rotate daily and are retained for at least 90 days.
- Monitoring for suspicious patterns (multiple failed requests, unusual volume).
- Logs never contain PII unless required by law.
RDA 1.6 – Risk Management & Incident Response
- Formal risk assessment reviewed by senior management at least annually.
- Incident response plan with roles, defined incident types, and escalation paths.
- Immediate containment, credential revocation, and forensic preservation.
- Notification to clients and Amazon at security@amazon.com within 24 hours.
- Root cause analysis, remediation, recovery from clean backups, and post‑incident review.
RDA 1.4 – Credential Management
- Passwords: minimum 12 characters with complexity requirements; 90‑day expiration; last 12 passwords disallowed.
- MFA enforced for all systems; unique named accounts; quarterly access reviews.
- No hardcoded secrets; secrets supplied via environment variables or a vault; monthly key rotation.
- Immediate lockout after 5 failed attempts; secret scanning in CI.
Network & Application Security
- HTTPS/TLS (1.2+) enforced; HSTS and modern security headers at the edge.
- Rate limiting, CSRF protection, secure cookies (HttpOnly, SameSite=Lax; Secure in production).
- Strict file type and size limits; in‑memory processing for uploads; no caching of outputs (Cache‑Control: no‑store).
- Separation of concerns: product overview & pricing on codebridge.sh; app runs on amazon.codebridge.sh.
Questions? Contact nerds@codebridge.sh.