Package com.cloudforgeci.api.core.rules
Class IamSecurityRules
java.lang.Object
com.cloudforgeci.api.core.rules.IamSecurityRules
All Implemented Interfaces: FrameworkRules<SystemContext>
@ComplianceFramework(value="IamSecurity",
priority=0,
alwaysLoad=true,
displayName="IAM Security",
description="Cross-framework IAM policy and access control validation")
public class IamSecurityRules
extends Object
implements FrameworkRules<SystemContext>
IAM security compliance validation rules.
These rules enforce IAM policy and role security requirements across multiple compliance frameworks:
- PCI-DSS - Req 7.1: Limit access by business need; Req 8.3: MFA
- HIPAA - §164.312(a)(1): Access control; §164.312(d): Authentication
- SOC 2 - CC6.1: Logical access controls; CC6.2: User authentication
- GDPR - Art.32(1)(b): Confidentiality and access control
Controls Implemented
- Least privilege enforcement
- MFA requirements
- Root account protection
- Credential rotation
- KMS key policy security
Since: 3.0.0
Constructor Summary
Constructors
Method Summary
Modifier and Type: void
Method: install(SystemContext ctx)
Description: Install compliance validation rules into the CDK construct tree.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.cloudforge.core.interfaces.FrameworkRules
alwaysLoad, description, displayName, frameworkId, priority
Constructor Details
IamSecurityRules
public IamSecurityRules()
Method Details
install
Description copied from interface: FrameworkRules
Install compliance validation rules into the CDK construct tree.
This method is called during CDK synthesis to register validation rules for the compliance framework. Implementations should use ctx.getNode().addValidation() to add CDK validations.
Specified by: install in interface FrameworkRules<SystemContext>
Parameters: ctx - the system context containing deployment configuration and CDK stack
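The registration pattern described for install(), shown with one least-privilege check, as an added example that is not CloudForge's own code. The class name WildcardPolicyValidation, the register helper and the plain-map policy representation are hypothetical, and a generic Construct stands in for SystemContext; only Node.addValidation and IValidation come from the CDK constructs library.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import software.constructs.Construct;
import software.constructs.IValidation;

/** Hypothetical rule: flags Allow statements that grant "*" actions on "*" resources. */
public class WildcardPolicyValidation implements IValidation {
    // Assumed input shape: policy name -> statements with Effect / Action / Resource keys
    private final Map<String, List<Map<String, Object>>> policies;

    public WildcardPolicyValidation(Map<String, List<Map<String, Object>>> policies) {
        this.policies = policies;
    }

    /** Returns one message per violation; an empty list means the check passed. */
    @Override
    public List<String> validate() {
        List<String> errors = new ArrayList<>();
        policies.forEach((name, statements) -> {
            for (Map<String, Object> s : statements) {
                if ("Allow".equals(s.get("Effect"))
                        && hasWildcard(s.get("Action"))
                        && hasWildcard(s.get("Resource"))) {
                    errors.add("IAM policy '" + name
                            + "' allows Action * on Resource *, violating least privilege");
                }
            }
        });
        return errors;
    }

    // IAM accepts either a single string or a list for Action and Resource
    private static boolean hasWildcard(Object value) {
        if (value instanceof List<?>) {
            return ((List<?>) value).stream().anyMatch(WildcardPolicyValidation::hasWildcard);
        }
        return "*".equals(value);
    }

    /** Registers the check; CDK calls validate() at synthesis and fails on any returned error. */
    public static void register(Construct scope, Map<String, List<Map<String, Object>>> policies) {
        scope.getNode().addValidation(new WildcardPolicyValidation(policies));
    }
}
```

This check only matches the bare "*" wildcard; service-level wildcards such as a whole-service action pattern would need an additional rule.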