salesforce / aws-allowlister

Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.
MIT License

DOD CC SRG (The Feds) Support #54

Closed kmcquade closed 3 years ago

kmcquade commented 3 years ago

This would be an interesting one. Take a look at the table for DOD CC SRG here: https://aws.amazon.com/compliance/services-in-scope/.

Proposed solution

Command arguments

I think we'd want to have --dod as a separate command argument. The argument would be optional. If provided, the valid values would be IL2-EastWest, IL2-Govcloud, IL4, IL5, and IL6.

You can require those values using click.Choice.

Custom scraper

This would require a custom scraper to handle the DOD CC SRG table on the Services in Scope page.
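The proposal above, sketched as an added example that is not part of the original comment or the project's code: a `--dod` option restricted with `click.Choice`, feeding a filter over table rows and an allowlist policy. The sample rows are constructed (not real compliance data), and the function names and the Deny/NotAction policy shape are assumptions.

```python
import json
import click

# Valid values for --dod, as listed in the issue.
DOD_LEVELS = ["IL2-EastWest", "IL2-Govcloud", "IL4", "IL5", "IL6"]

# CONSTRUCTED rows standing in for the scraped DOD CC SRG table:
# IAM service prefix -> impact levels marked in scope. Not real compliance data.
SAMPLE_ROWS = {
    "s3": {"IL2-EastWest", "IL2-Govcloud", "IL4", "IL5", "IL6"},
    "kms": {"IL2-EastWest", "IL2-Govcloud", "IL4", "IL5"},
    "lambda": {"IL2-EastWest", "IL2-Govcloud"},
    "amplify": set(),
}


def services_in_scope(level, rows=SAMPLE_ROWS):
    """Return the sorted service prefixes whose row lists the given level."""
    return sorted(svc for svc, levels in rows.items() if level in levels)


def build_scp(services):
    """Build a policy that denies every action outside the allowed services."""
    if not services:
        # Nothing in scope: refuse to emit a policy rather than guess.
        raise ValueError("no services in scope for this level")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowList",
            "Effect": "Deny",
            "NotAction": [f"{svc}:*" for svc in services],
            "Resource": "*",
        }],
    }


@click.command()
@click.option("--dod", type=click.Choice(DOD_LEVELS), default=None,
              help="Only allow services in scope for this DOD CC SRG level.")
def generate(dod):
    """Print the allowlist policy for the chosen impact level."""
    if dod is None:
        raise click.UsageError("this example only handles --dod")
    click.echo(json.dumps(build_scp(services_in_scope(dod)), indent=2))


if __name__ == "__main__":
    generate()
```

Because `click.Choice` is case-sensitive by default, a value such as `il5` or `IL3` is rejected at argument parsing, before any policy is built.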

kmcquade commented 3 years ago

Fixed by #58

kmcquade commented 3 years ago

@AMHesch - I forgot to mention. In #58 you didn't update the README to reflect the new command flags - do you think you could do that?

Thanks :)