Package com.cloudforge.core.enums

Enum Class ComplianceMode

java.lang.Object

java.lang.Enum<ComplianceMode>

com.cloudforge.core.enums.ComplianceMode

All Implemented Interfaces:

Serializable, Comparable<ComplianceMode>, Constable

public enum ComplianceMode
extends Enum<ComplianceMode>

Compliance validation mode controlling how validation failures are handled.

Configuration

Set via deployment context (case-insensitive):

 cfc.put("complianceMode", "advisory");  // Warnings only
 cfc.put("complianceMode", "enforce");   // Fail on violations (default)
 

Modes

• ENFORCE - Validation failures block CDK synthesis (default for PRODUCTION)
• ADVISORY - Validation failures logged as warnings only (default for DEV/STAGING)

Use Cases

ENFORCE Mode

Use when you need strict compliance enforcement:

• Production environments handling sensitive data
• Regulated industries (healthcare, finance, government)
• Formal compliance audits (SOC2 Type II, PCI-DSS validation)
• Preventing deployment of non-compliant infrastructure

ADVISORY Mode

Use when you want compliance guidance without blocking deployment:

• Development and testing environments
• Proof-of-concept or demo deployments
• Learning about compliance requirements
• Phased compliance implementation
• Cost-optimized non-production environments

Examples

Production with Strict Enforcement

 cfc.put("securityProfile", "production");
 cfc.put("complianceMode", "enforce");
 cfc.put("complianceFrameworks", "PCI-DSS,SOC2");
 // WAF disabled → CDK synthesis FAILS
 cfc.put("wafEnabled", false);
 

Development with Advisory Warnings

 cfc.put("securityProfile", "dev");
 cfc.put("complianceMode", "advisory");
 cfc.put("complianceFrameworks", "SOC2");
 // WAF disabled → CDK synthesis SUCCEEDS with warnings
 cfc.put("wafEnabled", false);
 

Staging - Test Compliance Configuration

 cfc.put("securityProfile", "staging");
 cfc.put("complianceMode", "advisory");  // Test without blocking
 cfc.put("complianceFrameworks", "PCI-DSS,HIPAA");
 // See all compliance violations as warnings
 // Fix issues before promoting to production
 

Nested Class Summary

Nested classes/interfaces inherited from class java.lang.Enum

Enum.EnumDesc<E extends Enum<E>>

Enum Constant Summary

Enum Constants

Enum Constant	Description
ADVISORY	Validation failures logged as warnings only.
DISABLED	No compliance validation performed.
ENFORCE	Validation failures block CDK synthesis.

Method Summary

Modifier and Type	Method	Description
static ComplianceMode	defaultForProfile(SecurityProfile profile)	Get default compliance mode for a security profile.
static ComplianceMode	fromJson(String value)	Parse compliance mode from string (case-insensitive) for Jackson deserialization.
static ComplianceMode	fromString(String value, ComplianceMode defaultMode)	Parse compliance mode from string (case-insensitive).
static ComplianceMode	valueOf(String name)	Returns the enum constant of this class with the specified name.
static ComplianceMode[]	values()	Returns an array containing the constants of this enum class, in the order they are declared.

Methods inherited from class java.lang.Enum

clone, compareTo, describeConstable, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Enum Constant Details

ENFORCE

public static final ComplianceMode ENFORCE

Validation failures block CDK synthesis. Non-compliant deployments cannot be deployed. Use for production environments requiring strict compliance.

ADVISORY

public static final ComplianceMode ADVISORY

Validation failures logged as warnings only. Deployments proceed with compliance violations documented. Use for development, testing, or phased compliance implementation.

DISABLED

public static final ComplianceMode DISABLED

No compliance validation performed. cdk-nag and cfn-guard are completely disabled. Not recommended - use ADVISORY instead for development.

Method Details

values

public static ComplianceMode[] values()

Returns an array containing the constants of this enum class, in the order they are declared.

Returns:

an array containing the constants of this enum class, in the order they are declared

valueOf

public static ComplianceMode valueOf(String name)

Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)

Parameters:

name - the name of the enum constant to be returned.

Returns:

the enum constant with the specified name

Throws:

IllegalArgumentException - if this enum class has no constant with the specified name

NullPointerException - if the argument is null

fromJson

public static ComplianceMode fromJson(String value)

Parse compliance mode from string (case-insensitive) for Jackson deserialization. Returns DISABLED as default if input is null or invalid.

Parameters:

value - String value from JSON

Returns:

Parsed ComplianceMode or DISABLED as default

fromString

public static ComplianceMode fromString(String value,
 ComplianceMode defaultMode)

Parse compliance mode from string (case-insensitive). Returns default if input is null or invalid.

Parameters:

value - String value from deployment context

defaultMode - Default mode if parsing fails

Returns:

Parsed ComplianceMode or default

defaultForProfile

public static ComplianceMode defaultForProfile(SecurityProfile profile)

Get default compliance mode for a security profile. PRODUCTION defaults to ENFORCE, others default to ADVISORY.

Parameters:

profile - Security profile

Returns:

Default compliance mode for the profile