Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SYS.1.6.A1 #1

Closed
sluetze opened this issue Nov 7, 2023 · 2 comments
Closed

SYS.1.6.A1 #1

sluetze opened this issue Nov 7, 2023 · 2 comments
Assignees
Labels
not-checkable Requirement can not be checked with Compliance Operator org-only This Requirement of BSI is ONLY an organizational Requirement

Comments

@sluetze
Copy link

sluetze commented Nov 7, 2023

No description provided.

@sluetze sluetze moved this from Todo to Implementation in sig-bsi-grundschutz tracking Jul 16, 2024
@sluetze sluetze self-assigned this Jul 16, 2024
@sluetze
Copy link
Author

sluetze commented Jul 16, 2024

Before containers are deployed, the goal of the container deployment (e.g. scaling, availability, disposable containers for security or CI/CD) MUST first be determined so that all security-related aspects of installation, operation and decommissioning can be planned.

This requirement must be implemented organizationally.

When planning, the operating costs that arise from container use or mixed operation SHOULD also be taken into account.

This requirement must be implemented organizationally.

The planning MUST be adequately documented.

This requirement must be implemented organizationally.

OpenShift supports all of the goals mentioned. Comprehensive handouts are available to carry out and document the planning of container use, security and compliance, architecture and installation on OpenShift. [SecGuide]

as this is an org-only requirement we cant implement technical checks

@sluetze sluetze added org-only This Requirement of BSI is ONLY an organizational Requirement not-checkable Requirement can not be checked with Compliance Operator labels Jul 16, 2024
@sluetze sluetze moved this from Implementation to Upstream PR in sig-bsi-grundschutz tracking Jul 19, 2024
@sluetze
Copy link
Author

sluetze commented Oct 1, 2024

ComplianceAsCode#12161 was merged

@sluetze sluetze closed this as completed Oct 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
not-checkable Requirement can not be checked with Compliance Operator org-only This Requirement of BSI is ONLY an organizational Requirement
Projects
Development

When branches are created from issues, their pull requests are automatically linked.

1 participant