ssc-spc-ccoe-cei / aws-guardrails-cac-solution


[Enhancement] Changing Guardrails Name in CSV file - for TBS #16

Open dutt0 opened 8 months ago

dutt0 commented 8 months ago

Description of the feature request

We need to standardize the Guardrail names across all CSPs.

The current Guardrail names used in the AWS CaC Code are as follows:

01: Protect Root / Global Admins Account
02: Management of Administrative Privileges
03: Cloud Console Access
04: Enterprise Monitoring Accounts
05: Data Location
06: Protection of Data-at-Rest
07: Protection of Data-in-Transit
08: Segment and Separate
09: Network Security Services
10: Cyber Defense Services
11: Logging and Monitoring
12: Configuration of Cloud Marketplaces

We need to change these values to the following:

GUARDRAIL 1: PROTECT ROOT / GLOBAL ADMINS ACCOUNT
GUARDRAIL 2: MANAGEMENT OF ADMINISTRATIVE PRIVILEGES
GUARDRAIL 3: CLOUD CONSOLE ACCESS
GUARDRAIL 4: ENTERPRISE MONITORING ACCOUNTS
GUARDRAIL 5: DATA LOCATION
GUARDRAIL 6: PROTECTION OF DATA-AT-REST
GUARDRAIL 7: PROTECTION OF DATA-IN-TRANSIT
GUARDRAIL 8: NETWORK SEGMENTATION AND SEPARATION
GUARDRAIL 9: NETWORK SECURITY SERVICES
GUARDRAIL 10: CYBER DEFENSE SERVICES
GUARDRAIL 11: LOGGING AND MONITORING
GUARDRAIL 12: CONFIGURATION OF CLOUD MARKETPLACES

Additional context

Originally reported here. Option 2 solution in the above link created issues. Hence removed.

Two options to consider from the following:

Option 1: updating frameworks_data_string hardcoded value
Option 2: move frameworks_data_string to parameters

dutt0 commented 5 months ago

Option 2 to move forward and be aligned with v2.0