Package com.cloudforgeci.api.core.rules
Class ComputeSecurityRules
java.lang.Object
com.cloudforgeci.api.core.rules.ComputeSecurityRules
- All Implemented Interfaces:
FrameworkRules<SystemContext>
@ComplianceFramework(value="ComputeSecurity",
priority=0,
alwaysLoad=true,
displayName="Compute Security",
description="Cross-framework compute resource security validation")
public class ComputeSecurityRules
extends Object
implements FrameworkRules<SystemContext>
Compute security compliance validation rules.
These rules enforce compute resource security requirements across multiple compliance frameworks:
- PCI-DSS - Req 2: Secure system configurations
- HIPAA - §164.312(a)(1): Access control
- SOC 2 - CC6.1: Logical and physical access controls
- GDPR - Art.32: Security of processing
Controls Implemented
- EC2 instance security (IMDSv2, termination protection)
- EBS encryption
- EKS cluster security
- Auto Scaling Group configuration
- Since:
- 3.0.0
Constructor Summary
Constructors
Method Summary
- Modifier and Type: void
  Method: install(SystemContext ctx)
  Description: Install compliance validation rules into the CDK construct tree.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface com.cloudforge.core.interfaces.FrameworkRules
alwaysLoad, description, displayName, frameworkId, priority
Constructor Details
ComputeSecurityRules
public ComputeSecurityRules()
Method Details
install
Description copied from interface: FrameworkRules
Install compliance validation rules into the CDK construct tree.
This method is called during CDK synthesis to register validation rules for the compliance framework. Implementations should use ctx.getNode().addValidation() to add CDK validations.
- Specified by:
install in interface FrameworkRules<SystemContext>
- Parameters:
ctx - the system context containing deployment configuration and CDK stack
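An added example, not CloudForge's own code: a CDK validation registered through getNode().addValidation(), as the install description states, here checking the EBS encryption control listed above. It takes a plain Construct in place of SystemContext (an assumption), and the class names, stack and volumes are constructed for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import software.amazon.awscdk.App;
import software.amazon.awscdk.Stack;
import software.amazon.awscdk.services.ec2.CfnVolume;
import software.constructs.Construct;
import software.constructs.IConstruct;
import software.constructs.IValidation;

public class EbsEncryptionRuleExample {

    /** Hypothetical rule: every AWS::EC2::Volume under the scope must set Encrypted=true. */
    static final class EbsEncryptionValidation implements IValidation {
        private final Construct scope;

        EbsEncryptionValidation(Construct scope) { this.scope = scope; }

        @Override
        public List<String> validate() {
            List<String> errors = new ArrayList<>();
            for (IConstruct c : scope.getNode().findAll()) {
                // getEncrypted() yields Boolean, an unresolved token, or null.
                // Only a literal true passes; anything else is reported for review.
                if (c instanceof CfnVolume && !Boolean.TRUE.equals(((CfnVolume) c).getEncrypted())) {
                    errors.add("EBS volume " + c.getNode().getPath() + " is not encrypted");
                }
            }
            return errors;
        }
    }

    /** Stand-in for install(ctx): registers the check on the scope's node (Construct is assumed). */
    static void install(Construct scope) {
        scope.getNode().addValidation(new EbsEncryptionValidation(scope));
    }

    public static void main(String[] args) {
        App app = new App();
        Stack stack = new Stack(app, "DemoStack"); // constructed sample input
        CfnVolume.Builder.create(stack, "Encrypted")
                .availabilityZone("us-east-1a").size(8).encrypted(true).build();
        CfnVolume.Builder.create(stack, "Plain")
                .availabilityZone("us-east-1a").size(8).build();
        install(stack);
        // Synthesis runs the same validations and fails on any error; here they are listed directly.
        stack.getNode().validate().forEach(System.out::println);
    }
}
```

Treating an unresolved token as a failure is a deliberate fail-closed choice: a value that cannot be proven true at synthesis time is surfaced for review instead of silently passing.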