Relevant users
|
User Role
|
Can Access
|
|
Technical Team member
|
 |
|
DevOps Team member
|
|
|
Security Analyst
|
|
|
Security Engineer
|
|
|
Compliance Manager
|
|
|
Project Manager
|
|
|
Security Team Management
|
|
|
Consultant
|
|
Example
I am about to deploy a new service into Dev that my company has no experience with.
How can I ensure that we built it securely, that it will be cost effective, and perform
well from day one?
Conformity Solution
Step 1. Launch the new service using AWS console, CLI or CloudFormation.
 |
NoteIf you use a CloudFormation template to manage your infrastructure stack, and have
used it to deploy your new AWS service, then use Template Scanner to check that your CloudFormation template is compliant with cloud infrastructure
best practices.
|
Step 2. In Conformity open the account containing the new AWS service.
Step 3.
Conformity
bot needs to run in order to run Conformity's rule set against the new
AWS service's resources. Either wait for the next scheduled Conformity Bot run or
run it manually from the main account dashboard.
After the Conformity bot run, rule Checks will be accessible in your Conformity reports. Checks will be displayed as Passed or Failed.
Step 4. Go to the All Checks Report and Filter All Checks by the newly launched AWS service.
|
NoteIf your organisation has a custom governance policy, this can be configured as a Profile
and applied to the account. Checks will then reflect this custom rule Profile.
|
Step 5. Remediate failed checks for the new AWS service using the resolution steps provided in the knowledge base.
Optional: RTM can be enabled for real-time event monitoring of security best
practice compliance.
Optional: Make use of Conformity's auto-remediation capabilities to automate remediation of failed
checks.