Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SYS.1.6.A2 #2

Closed
sluetze opened this issue Nov 7, 2023 · 2 comments
Closed

SYS.1.6.A2 #2

sluetze opened this issue Nov 7, 2023 · 2 comments
Assignees
@sluetze
Labels
not-checkable Requirement can not be checked with Compliance Operator org-only This Requirement of BSI is ONLY an organizational Requirement

Comments

@sluetze
Copy link

sluetze commented Nov 7, 2023

No description provided.

sluetze pushed a commit that referenced this issue Dec 1, 2023
@mpurg
Corrections for rsyslog_logfiles_attributes PR #2
c3d588f
@sluetze sluetze self-assigned this Jul 16, 2024
@sluetze sluetze added org-only This Requirement of BSI is ONLY an organizational Requirement not-checkable Requirement can not be checked with Compliance Operator labels Jul 16, 2024
@sluetze
Copy link
Author

sluetze commented Jul 16, 2024

The containers MAY ONLY be managed after appropriate planning.

This requirement must be implemented organizationally.

This planning MUST cover the entire life cycle from commissioning to decommissioning, including operation and updates.

This requirement must be implemented organizationally.

Through OpenShift GitOps, OpenShift technically supports this requirement with a standardized approach to deployment, change handling and deprovisioning via kustomize or Helm charts. OpenShift provides further support through operator-based applications and platform management that automates the processes of commissioning, decommissioning and updates.

When planning administration, it MUST be taken into account that the creator of a container should be viewed in part like an administrator due to the impact on operations.

This requirement must be implemented organizationally.

Starting, stopping and monitoring the containers MUST be done via the management software used.

Start, stop and monitoring is a basic function of OpenShift. It is not possible to bypass the OpenShift methods to start and stop. For monitoring purposes, OpenShift itself offers Prometheus-based monitoring. Using Advanced Cluster Security for Kubernetes (ACS), policy-based rules can also be used to monitor the containers.

organizationally only/inherently met

@sluetze
Copy link
Author

sluetze commented Oct 1, 2024

ComplianceAsCode#12161 was merged closing

@sluetze sluetze closed this as completed Oct 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sluetze sluetze

Labels
not-checkable Requirement can not be checked with Compliance Operator org-only This Requirement of BSI is ONLY an organizational Requirement
Projects
sig-bsi-grundschutz tracking
Status: Done
Milestone
No milestone
Development

When branches are created from issues, their pull requests are automatically linked.

sys-1-6-A1-A4 sig-bsi-grundschutz/content
1 participant
@sluetze