Class MessagingSecurityRules

java.lang.Object
com.cloudforgeci.api.core.rules.MessagingSecurityRules
All Implemented Interfaces:
FrameworkRules<SystemContext>

@ComplianceFramework(value="MessagingSecurity", priority=0, alwaysLoad=true, displayName="Messaging Security", description="Cross-framework messaging service security validation")
public class MessagingSecurityRules extends Object implements FrameworkRules<SystemContext>
Messaging security compliance validation rules.

These rules enforce SQS, SNS, Secrets Manager, and messaging service security requirements across multiple compliance frameworks:

  • PCI-DSS - Req 3.4: Encryption; Req 8.2: Credential management
  • HIPAA - §164.312(a)(2)(iv): Encryption; §164.308(a)(5)(ii)(D): Password management
  • SOC 2 - CC6.1: Encryption and credential controls
  • GDPR - Art.32(1)(a): Encryption of data

Controls Implemented

  • SQS/SNS encryption at rest
  • Secrets Manager KMS encryption
  • Secrets rotation configuration
  • Dead letter queue configuration
  • Kinesis stream encryption
Since:
3.0.0
  • Constructor Details

    • MessagingSecurityRules

      public MessagingSecurityRules()
  • Method Details

    • install

      public void install(SystemContext ctx)
      Description copied from interface: FrameworkRules
      Install compliance validation rules into the CDK construct tree.

      This method is called during CDK synthesis to register validation rules for the compliance framework. Implementations should use ctx.getNode().addValidation() to add CDK validations.

      Specified by:
      install in interface FrameworkRules<SystemContext>
      Parameters:
      ctx - the system context containing deployment configuration and CDK stack
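
One way a rule like "SQS/SNS encryption at rest" can be registered through addValidation(), as an added example that is not CloudForge CI's own code. The class name SqsEncryptionValidation, the use of a plain CDK Construct scope in place of SystemContext, and the strict policy of requiring encryption to be set explicitly are assumptions.

```java
import java.util.ArrayList;
import java.util.List;

import software.amazon.awscdk.services.sqs.CfnQueue;
import software.constructs.Construct;
import software.constructs.IConstruct;
import software.constructs.IValidation;

/** Hypothetical rule (not part of com.cloudforgeci): SQS queues must declare encryption at rest. */
public final class SqsEncryptionValidation implements IValidation {

    private final Construct scope;

    public SqsEncryptionValidation(Construct scope) {
        this.scope = scope;
    }

    /** Registers the rule on a scope (for example a Stack) so it runs during synthesis. */
    public static void install(Construct scope) {
        scope.getNode().addValidation(new SqsEncryptionValidation(scope));
    }

    /** Called by the CDK at synthesis; any returned message fails the synth. */
    @Override
    public List<String> validate() {
        List<String> errors = new ArrayList<>();
        // Walk the whole construct tree below the scope and inspect the L1 queue resources.
        for (IConstruct child : scope.getNode().findAll()) {
            if (!(child instanceof CfnQueue)) {
                continue;
            }
            CfnQueue queue = (CfnQueue) child;
            // Customer-managed or AWS-managed KMS key configured on the queue.
            boolean hasKmsKey = queue.getKmsMasterKeyId() != null;
            // SSE-SQS explicitly enabled. An unresolved token is treated as "not proven".
            boolean hasSseSqs = Boolean.TRUE.equals(queue.getSqsManagedSseEnabled());
            // Assumed policy: encryption must be explicit in the template, not left to defaults.
            if (!hasKmsKey && !hasSseSqs) {
                errors.add("SQS queue " + queue.getNode().getPath()
                        + " has no KMS key and SSE-SQS is not explicitly enabled");
            }
        }
        return errors;
    }
}
```

Because the check reads the synthesized L1 resources, it also covers queues created through higher-level constructs, and a violation stops `cdk synth` before anything is deployed.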