This implementation automates reporting to verify compliance with GC Cloud Guardrails. SSC and TBS review the results. Cette mise en œuvre automatise la production de rapports afin de vérifier la conformité aux mesures de sécurité infonuagique du GC. SPC et SCT examinent les résultats.
Other
7
stars
4
forks
source link
GR8 | Validation 1: Network Architecture Diagram and High Level Design Documentation (M) #199
ItemName: Network Architecture Diagram and High Level Design Documentation (M)
ItemNameFR: Diagramme d'architecture réseau et documentation de conception de haut niveau (M)
Description: This is a name change of an existing control called "Network architecture diagram" and instead of looking for one document in the storage account there is now two the department is required to provide.
Look for a file labeled as "NetworkArchitectureDiagram"
AND Look for a file labeled "HighLevelDesign"
If both files are in the storage account the department will pass this control.
Comments ENG:
If compliant = All required files have been uploaded for review by Cloud Security Compliance assessors. "HighLevelDesign" and "NetworkArchitectureDiagram" found.
If missing HLD = Non-compliant. Could not find "HighLevelDesign" create and upload the appropriate file in Container 'guardrailsstorage' on Storage Account 'stcac024bf308' to become compliant.
If missing NetworkArchitecture = Non-compliant. Could not find ""NetworkArchitectureDiagram" create and upload the appropriate file in Container 'guardrailsstorage' on Storage Account 'stcac024bf308' to become compliant.
Neither uploaded = Non-complaint. Could not find the required documentation. Create and upload the appropriate files ("HighLevelDesign" and "NetworkArchitectureDiagram") in Container 'guardrailsstorage' on Storage Account 'stcac024bf308' to become compliant.
ItemName: Network Architecture Diagram and High Level Design Documentation (M) ItemNameFR: Diagramme d'architecture réseau et documentation de conception de haut niveau (M)
Description: This is a name change of an existing control called "Network architecture diagram" and instead of looking for one document in the storage account there is now two the department is required to provide.
If both files are in the storage account the department will pass this control.
Comments ENG:
If compliant = All required files have been uploaded for review by Cloud Security Compliance assessors. "HighLevelDesign" and "NetworkArchitectureDiagram" found.
If missing HLD = Non-compliant. Could not find "HighLevelDesign" create and upload the appropriate file in Container 'guardrailsstorage' on Storage Account 'stcac024bf308' to become compliant.
If missing NetworkArchitecture = Non-compliant. Could not find ""NetworkArchitectureDiagram" create and upload the appropriate file in Container 'guardrailsstorage' on Storage Account 'stcac024bf308' to become compliant.
Neither uploaded = Non-complaint. Could not find the required documentation. Create and upload the appropriate files ("HighLevelDesign" and "NetworkArchitectureDiagram") in Container 'guardrailsstorage' on Storage Account 'stcac024bf308' to become compliant.
Comments FR: TBD