Class Soc2Rules

java.lang.Object
com.cloudforgeci.api.core.rules.Soc2Rules
All Implemented Interfaces:
FrameworkRules<SystemContext>

@ComplianceFramework(value="SOC2", priority=40, displayName="SOC 2", description="Validates SOC 2 Trust Services Criteria for service organizations")
public class Soc2Rules
extends Object
implements FrameworkRules<SystemContext>
SOC 2 (Service Organization Control 2) Trust Services Criteria compliance validation.

SOC 2 is based on five Trust Services Criteria (TSC):
- Security (Common Criteria - CC)
- Availability (A)
- Processing Integrity (PI)
- Confidentiality (C)
- Privacy (P)

This validator focuses on the Security criteria (Common Criteria) which apply to all SOC 2 reports. Organizations can choose additional criteria based on their services.

Trust Services Criteria Coverage:
- CC6.1: Logical and Physical Access Controls
- CC6.2: Access Management
- CC6.6: Network Segmentation
- CC6.7: Data Transmission
- CC7.2: System Monitoring
- CC7.3: Environmental Protections (Availability)
- CC8.1: Change Management
  • Constructor Details

    • Soc2Rules

      public Soc2Rules()
  • Method Details

    • install

      public void install(SystemContext ctx)
      Install SOC 2 compliance validation rules. SOC 2 applies to production and staging environments serving customers.
      Specified by:
      install in interface FrameworkRules<SystemContext>
      Parameters:
      ctx - the system context containing deployment configuration and CDK stack
      Since:
      3.0.0
    • generateComplianceReport

      public String generateComplianceReport(SystemContext ctx)
      Generate SOC 2 Trust Services Criteria compliance report.