UT Dallas Cloud Services Attestations and Terms

This document outlines all the attestations and terms that users must agree to when requesting and managing cloud services at UT Dallas. These terms are necessary to ensure compliance with university policies and to maintain security and accountability for cloud resources.

Table of Contents

• General Attestations for Requesting Cloud Hosting
• Required Ticket Information for Cloud Hosting
• Required Ticket Information for Other Services

General Attestations for Requesting Cloud Hosting

When requesting a new cloud hosting account, users must attest to the following statements:

• Responsibility for Charges
  • I understand I am responsible for all charges incurred within this Account. My financial officer and budget administrator/budget assistant are aware of this request.
• Compliance with University Policies
  • I understand and agree to comply with all University policies, including Information Security and Acceptable Use.
• Data Protection Obligations
  • I understand that I am obligated to protect institutional and contractual data in accordance with all applicable local, state, and federal laws and regulations.
• Accountability for Account Activity
  • I understand that I am responsible and accountable for activity that occurs within this Account. This includes, but is not limited to, maintaining and auditing access control lists, data use practices, security configurations, development, maintenance, and patching.
• Notification of Ownership Change
  • I agree to notify UT Dallas Cloud Services upon change of ownership of this Account.
• Escrow of Root User Credentials
  • I understand that root user credentials for public cloud Accounts (AWS, GCP, or Azure) will be held in escrow by the UT Dallas Cloud Service.
• Monthly Billing Alerts
  • I understand that OIT will be alerted if my monthly bill exceeds a certain level (to be decided).
• Prohibition on Modifying Cloud Service Settings
  • I will not delete or modify any UT Dallas Cloud Service settings or configurations within this Account. Examples include, but are not limited to:
    • Use of Single-Sign-On for the AWS Console
    • UT Dallas Cloud Service cloud custodian role
    • AWS Config Activation
    • AWS CloudTrail Activation
    • AWS VPC Flow Logs Activation
    • Secure Centralized Logging
    • CloudCheckr Activation
    • DLT Solutions Billing Activation
    • DLT Solutions Support Activation (optional)
• Audit and Monitoring Access
  • I agree to grant the UT Dallas Cloud Service access to this Account to audit, monitor, and update appropriate security, compliance, and regulatory controls as required by the University, and local, state, and federal governments.
• AI Usage
  • I agree to comply with UTD AI usage standards. All data produced and ingested by AI models not owned by the application owner must be used with attribution and in compliance with state and federal copyright law. Review the AI Usage Standards document for all usage guidelines.

Required Ticket Information for Cloud Hosting

• Account Owner
• Project Name
• Cloud Platform (AWS, Azure, Other)
• Primary Technical Contact
  • Project owner helping with system administration and remediation tasks.
• Existing Cloud Account Information
• Data Security and Compliance Policies (FERPA, HIPAA, FedRAMP, PCI, Other)
• AI Usage Details (if applicable)
  • NetIDs of users who will access AI resources
  • Category of AI Application (Machine Learning, Optical Character Recognition, Image and Speech Recognition, Chatbots and Text Generation, Image and Audio Generation, Language Analysis, Embeddings / Statistics, Others)
  • Product Names
  • Product Use Case
• Budget & Authorization Information
  • Fiscal Officer (or Cost Center Administrator)
  • Primary Cost Center (Cost center used for bill back)
  • Fallback Cost Center (to be used if Primary Cost Center cannot be billed)
  • Targeted Monthly Budget
  • Authorized Signature/Approver (Person in the department/school who is authorized to approve this transaction)

Required Ticket Information for Other Services

• Decommission Cloud Hosting
  • Required Fields:
    • Account Owner
    • Account Fiscal Officer
    • Account/Subscription Number
    • Requested Date of Decommission
    • Attestation of decommissioning
• Add/Modify/Delete User Access
  • Required Fields (Add):
    • Account Owner (only)
    • Department
    • Department Approver
    • Account/Subscription Number
    • Roles
      • Privileges for new roles
      • Additional users with roles, including name and NetID
  • Required Fields (Modify):
    • Account Owner (only)
    • Department
    • Department Approver
    • Account/Subscription Number
    • Roles
      • Role changes
        • Affected users, including name and NetID
      • User role changes
        • Affected users, including name and NetID
  • Required Fields (Delete):
    • Account Owner (only)
    • Department
    • Department Approver
    • Account/Subscription Number
    • Roles
      • Affected users, including name and NetID
• General Request/Guidance
  • Type of general request:
    • Consultation
    • General Inquiry