Category: Security, Terraform, Architecture, Hashicorp, github, automation

In the first post of this series, we introduced a continuous compliance workflow in which an enterprise security and compliance team releases guardrails to the organization in a continuous integration and continuous deployment (CI/CD) fashion. We use the Terraform-Compliance framework (terraform-compliance) to define the guardrails as behavior-driven test features that run against a Terraform plan before anything is applied.
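A terraform-compliance guardrail is a Gherkin feature file that is evaluated against a Terraform plan exported as JSON. The feature file below is an added example, not code from the original post or its repository; the two scenarios (no ingress from 0.0.0.0/0 on administrative ports, and mandatory tags with an allow-listed `environment` value) are illustrative policy choices, and it assumes the plan was produced with `terraform plan -out plan.out` followed by `terraform show -json plan.out > plan.out.json`.

```gherkin
# Added example guardrails for terraform-compliance (not part of the original post).
# Step phrases follow the terraform-compliance step syntax; the ports, tag keys and
# allowed environment values below are assumptions for illustration.

Feature: Security groups must not expose administrative ports to the internet
  In order to keep the workload account's perimeter closed
  As the security and compliance team
  We reject any plan that opens a listed port to 0.0.0.0/0

  Scenario Outline: No world-open ingress on <service>
    Given I have aws_security_group defined
    When it contains ingress
    Then it must not have <proto> protocol and port <port> for 0.0.0.0/0

    Examples:
      | service | proto | port |
      | SSH     | tcp   | 22   |
      | RDP     | tcp   | 3389 |
      | MySQL   | tcp   | 3306 |
      | MSSQL   | tcp   | 1433 |

Feature: Taggable resources must carry ownership tags
  In order to attribute every resource to an owner and environment
  As the security and compliance team
  We require a fixed set of tags with non-empty values

  Scenario: Every taggable resource has a tags block
    Given I have resource that supports tags defined
    Then it must contain tags
    And its value must not be null

  Scenario Outline: Required tags are present and well-formed
    Given I have resource that supports tags defined
    When it contains tags
    Then it must contain <tag>
    And its value must match the "<pattern>" regex

    Examples:
      | tag         | pattern            |
      | Name        | .+                 |
      | owner       | .+                 |
      | environment | ^(prod\|uat\|dev)$ |
```

Run the features against the exported plan with `terraform-compliance -f features/ -p plan.out.json`. The command exits non-zero when any scenario fails, which is what lets the pipeline stage block the deployment; keep the feature files in the security and compliance account's repository so the workload team cannot weaken them in the same change that violates them.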

We start by building the necessary resources, as listed, in the workload (application development team) account: Next, we build the resources in the security and compliance account: The following diagram shows our solution architecture.

To implement our solution, we complete the following high-level steps: We create the following resources in the security and compliance account: In this section, we set up the properties for the pipeline and cross-account role stacks, and run the deployment scripts.

You have the following parameters: For CROSS_ACCOUNT_ROLE_ARN, replace the account ID in the role ARN with the ID of your designated AWS security and compliance account, so that the pipeline assumes a role that lives in that account rather than in the workload account.
