Terms of use
This document describes additional terms and examples specific to the Rahti container cloud service (hereafter referred to as "Rahti"). Please also read the General Terms of Use for CSC's Services for Research and Education. By using Rahti you are agreeing to both.
Terminology
- User refers to an individual who uses any of the Services referred to in these Terms.
- CSC Project refers to a group of one or more Users who may be granted access to use CSC's computing, data, and cloud resources up to a certain limit.
- Service account refers to an digital identity that is used to communicate between Rahti and other services. CSC Project members must follow good security practices with all accounts.
- User Content (“Content”) means the User's data, software, servers, systems, or processes that use or interact with the Services.
Security responsibilities
- Users are responsible for the security of their Content. Content hosted in Rahti can be directly connected to the Internet.
- Users are responsible for managing their access control lists, user accounts and all other access control methods.
- Users are responsible for maintaining security within the Content they host in Rahti. We recommend applying all applicable security updates automatically or otherwise at regular and well managed intervals.
- CSC is responsible for maintaining service security according to General Terms of Use for CSC's Services for Research and Education.
Content and data management responsibilities
- Users are responsible for the design and architecture of their Content hosted on Rahti.
- Access to Content is limited to users in CSC Project by default. Users in CSC Project can add and modify access rights on Rahti with their default permissions. These limited access right modification rights have been granted to project members so they can manage project-specific Service accounts.
- Most Content is not backed up and it is the responsibility of User to manage their own Content.
- The places where Users can store Content including persistent volumes, container file systems and local storage are not backed up. It is the responsibility of User to make backups of Content as needed.
- CSC is responsible for managing the Rahti service itself and ensuring the service is available to Users according to Rahti service level agreement.
Access to Content
General Terms of Use for CSC's Services for Research and Education state that CSC can access Content.
For Rahti this means that:
- CSC has the right to scan or monitor Content for security vulnerabilities, violations of our terms of use, or to perform anonymised analysis of workloads, for example by:
- Scanning of container images for prohibited applications.
- Scanning the Content running within Rahti.
- CSC has the right to do passive network monitoring for intrusion detection (IDS) purposes. This monitoring can occur without suspicion of intrusion.
- CSC has the right to disable any or all of a User's Content running in Rahti or network connections to or from Rahti if we suspect an ongoing security violation or a violation of our Terms of Use.
User risks
- Users are responsible for managing their risks and mitigation plans based on these service terms and General Terms of Use for CSC's Services for Research and Education.
- Individual containers running on Rahti can restart at any time without any uptime guarantees. Users are responsible for designing applications deployments so that they handle common cloud service failures in a graceful manner.
- As with any cloud service, Content in Rahti and their data can be lost or corrupted due to hardware failure, system error, administrator error or user errors.