finos / compliant-financial-infrastructure

Compliant Financial Infrastructure accelerates the development, deployment and adoption of services provided for AWS, Azure and Google in a way that meets existing regulatory and internal security controls.
Apache License 2.0

Broaden project scope to include Co-Lo #345

Open noelmcloughlin opened 1 year ago

noelmcloughlin commented 1 year ago

Support Question

I see the project scope is Infra-as-Code (IaC) and Compliance-as-Code (CaC) in Public Cloud, i.e.

"Compliant Financial Infrastructure accelerates the development, deployment and adoption of services provided for AWS, Azure and Google in a way that meets existing regulatory and internal security controls."

Investment Banks also use Bare Metal for low-latency and real-time workloads (Market edge/Co-Lo Equinix Data Centers) as Public Cloud is currently unsuitable. Maybe broadening the scope of the project could be considered. From a technical perspective, IaC examples include Ansible/Salt/Chef and CaC may include InSpec/Goss/Mondoo (p.s. I favor Ansible/InSpec but will look at Probr).

eddie-knight commented 1 year ago

Hey @noelmcloughlin! Right now we have been primarily using Terraform and Ansible for IaC, and our CaC/validation toolkit is in very early stages (we have recently decided to move away from Probr due to a lack of active development on that project).

We have primarily determined our scope for CFI based on the availability of contribution, which has so far been focused on public cloud resources. Considering that, I'm happy to open up discussion around what it would look like to accept contributions on elements that are not within the currently documented scope. Do you have anything specific in mind?

noelmcloughlin commented 1 year ago

Hey @eddie-knight
Sorry for the delay (vacation, etc.). I'm an individual member of FINOS and thinking about contributions. Browsing the issues, I see some of my DevSecOps engineering interests mentioned: Azure, OCP, Containers, Runtime Validation, OSCAL. Good engineering interests me greatly.

The current documented scope is correct in terms of what is the industry priority and community focus. However, I do believe that good CFI engineering practices and enterprise architecture are equally applicable to both public and private cloud. We could note private cloud/data center contributors, as a documentation exercise is perhaps my core suggestion.

Good work by the way, CFI is an interesting, evolving project adding value.