extract common controls for AWS

GSA-TTS / tts-common-controls

[WIP] development of Inspec tests using the Heimdall Data Format (HDF) specification to create baseline and inheritable Security Controls and Documentation for reuse by TTS Systems

Other

7 stars 2 forks source link

extract common controls for AWS #4

Open afeld opened 3 years ago

afeld commented 3 years ago

Background Information

We can start with centralized user management.

Implementation Steps

Acceptance Criteria

[ ] We have an initial set of control narratives around centralized AWS user management (jump account)

afeld commented 3 years ago

Might make sense to break this into smaller issues.

afeld commented 3 years ago

The GRACE IAM README speaks to its security compliance impact. This will be a good starting place, and GRACE may have more.

adborden commented 3 years ago

A lot of controls are already written in https://docs.google.com/spreadsheets/d/1L2v1ZMlSscDgDMlDu1xvuH48HRDxnxHU3heFxtFq8RI/edit#gid=910638200