OCP - SAA - Security Hardening + PCI

finos / compliant-financial-infrastructure

Compliant Financial Infrastructure accelerates the development, deployment and adoption of services provided for AWS, Azure and Google in a way that meets existing regulatory and internal security controls.

Apache License 2.0

127 stars 61 forks source link

OCP - SAA - Security Hardening + PCI #332

Open abdullahgarcia opened 1 year ago

abdullahgarcia commented 1 year ago

With the new format of the SAA, the MVP will be:

Achieve security hardening through CIS Benchmarks.
Achieve PCI compliance.

Supporting documents:

https://docs-prv.pcisecuritystandards.org/Guidance%20Document/Containers%20and%20Container%20Orchestration%20Tools/Guidance-for-Containers-and-Container-Ochestration-Tools-v1_0.pdf

AdrianHammond commented 1 year ago

plan to progress

[x] read the PCI doc that Abdulla shared
[ ] investigate PCI Policy for [OpenShift Compliance Operator]{https://docs.openshift.com/container-platform/4.12/security/compliance_operator/compliance-operator-supported-profiles.html}
[ ] test out PCI policy

AdrianHammond commented 1 year ago

@abdullahgarcia - Hi Abdulla, are you looking for compliance to a minimum version of PCI? PCI v3.2.1 looks to have been replaced by v4.0 in March 2022. Current OCP compliance is against v3.2.1, I am finding out what are plans are to be compliant with PCI v4.0.

abdullahgarcia commented 1 year ago

@AdrianHammond , I'll bring up this matter in today's meeting: minimum version of PCI.

AdrianHammond commented 8 months ago

PCI-DSS implemented via the OpenShift Compliance Operator and waiting on merge from Dev to Main in https://github.com/finos/ansible-cfi-ocp/tree/dev/ocp