Package com.cloudforgeci.api.observability

Class ComplianceFactory

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
com.cloudforgeci.api.core.annotation.BaseFactory
com.cloudforgeci.api.observability.ComplianceFactory
All Implemented Interfaces:
software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
public class ComplianceFactory extends BaseFactory
Factory for creating compliance and audit resources (CloudTrail, AWS Config, AWS Audit Manager). Creates audit logging and compliance monitoring based on security profiles.

Supported Compliance Tools

  • CloudTrail - Audit logging for API calls and account activity
  • AWS Config - Compliance monitoring with managed rules
  • AWS Audit Manager - Continuous auditing and automated evidence collection

AWS Audit Manager Setup

Before using Audit Manager, you must:
  1. Enable AWS Audit Manager in your AWS account via the AWS Console
  2. Configure data source connections (CloudTrail, Config, Security Hub, etc.)
  3. Choose appropriate compliance framework (SOC2, HIPAA, PCI-DSS, etc.)
  4. Update framework IDs to match your account

Configuration

Compliance features are enabled/disabled based on security profile:
  • DEV - Minimal compliance (CloudTrail only)
  • STAGING - Full compliance testing (Config + Audit Manager)
  • PRODUCTION - Full compliance (CloudTrail + Config + Audit Manager)
You can override defaults using deployment context: 
 cfc.put("awsConfigEnabled", true);
 cfc.put("auditManagerEnabled", true);

  • Nested Class Summary

    Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

    software.amazon.jsii.JsiiObject.InitializationMode

    Nested classes/interfaces inherited from interface software.constructs.IConstruct

    software.constructs.IConstruct.Jsii$Default, software.constructs.IConstruct.Jsii$Proxy

  • Field Summary

    Fields inherited from class com.cloudforgeci.api.core.annotation.BaseFactory

    cfc, config, ctx

  • Constructor Summary

    Constructors
    Constructor
    Description
    ComplianceFactory(software.constructs.Construct scope, String id)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    create()
    Abstract method that must be implemented by all factory subclasses.

    Methods inherited from class com.cloudforgeci.api.core.annotation.BaseFactory

    getDeploymentContext, getSecurityProfileConfiguration, getSystemContext

    Methods inherited from class software.constructs.Construct

    getNode, isConstruct, toString

    Methods inherited from class software.amazon.jsii.JsiiObject

    jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    Methods inherited from interface software.amazon.jsii.JsiiSerializable

    $jsii$toJson

  • Constructor Details

    • ComplianceFactory

      public ComplianceFactory(software.constructs.Construct scope, String id)

  • Method Details

    • create

      public void create()
      Description copied from class: BaseFactory
      Abstract method that must be implemented by all factory subclasses. This method should contain the actual infrastructure creation logic.
      Specified by:
      create in class BaseFactory