auditree-arboretum
auditree-arboretum copied to clipboard
ComplianceAsCode
The Auditree common fetchers, checks and harvest reports library.
## Overview It would be good to have a report that highlights persistent failures - checks that consistently fail for many days. ## Requirements - configurable threshold for persistent failure,...
## Overview Add check results summary harvest report and python packages summary harvest report. ## Requirements - Add check_results_summary harvest report to auditree category - Add python_packages_summary harvest report to...
## Overview Provide a harvest report to transform Kubernetes compliance operator evidence from [cluster_resource](https://github.com/ComplianceAsCode/auditree-arboretum/issues/9) fetcher into a [NIST OSCAL Assessment Results](https://pages.nist.gov/OSCAL/documentation/schema/assessment-results-layer/assessment-results/) collection of Observations in JSON format. Rationale: standardized version...
## Overview Kubernetes resources (e.g., `kubectl get pod`) can be used as evidence. For example, `spec` of `Pod`, custom resource of an operator, and `ConfigMap` shows whether applications (pod) and...
## Overview We need to migrate the IBM Cloud Databases list and backups list fetchers. ## Requirements - Should not depend on ibmcloud_tools - Fetcher should handle multiple resource_group_id's per...
## Overview As evidence can be placed in the locker with [plant](https://github.com/ComplianceAsCode/auditree-plant) we should have some checks, beyond abandoned evidence, against that. I think something like warnings when within a...
## Overview [Compliance Operator](https://github.com/openshift/compliance-operator) is a tool to validate that a cluster infrastructure complies with standard such as NIST SP 800-53, HIPAA or CIS Benchmark. It performs `openscap` command, and...
Metadata
Owner
Metadata
The Auditree common fetchers, checks and harvest reports library.