FedRAMP

What is FedRAMP

The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government program that standardises the security assessment, authorization, and continuous monitoring processes for cloud products and services. FedRAMP is designed to ensure that cloud services used by federal agencies meet a consistent set of security and privacy standards.

When integrated into SSD, this framework is converted into code form. The policies derived from it raise an alert, or block the deployment, when a rule fails.

Example of FedRAMP policies in SSD

  • Block Container Without Limits - Requires containers to have memory and CPU limits set and constrains those limits to be within the specified maximum values.

  • Block Container Without Request Limit - Requires containers to have memory and CPU requests set and constrains those requests to be within the specified maximum values.

  • Block Undefined Container Ratios - Sets a maximum ratio for container resource limits to requests.

  • High Vulnerability Prevention Policy - High Severity Vulnerabilities should not be found in the artifact.

  • Low Vulnerability Prevention Policy - Low Severity Vulnerabilities should not be found in the artifact.
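The three container resource policies above, shown as an added Python illustration that is not SSD's own policy code. It evaluates a Kubernetes container spec against Block Container Without Limits, Block Container Without Request Limit and Block Undefined Container Ratios; the maximum values and the ratio are assumed parameters, since SSD configures them per policy.

```python
# Added example (not SSD's policy code): evaluates three FedRAMP-derived
# container resource policies against a constructed Kubernetes container spec.
import re

# Kubernetes quantity suffixes: CPU "500m" = 0.5 cores; memory "128Mi" = 128*2^20 bytes.
_SUFFIX = {"": 1, "m": 1e-3, "k": 1e3, "M": 1e6, "G": 1e9,
           "Ki": 2**10, "Mi": 2**20, "Gi": 2**30}

def parse_quantity(q):
    """Convert a Kubernetes quantity string ("250m", "512Mi", "2") to a float."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)(m|k|M|G|Ki|Mi|Gi)?", str(q))
    if not m:
        raise ValueError(f"unparseable quantity: {q!r}")
    return float(m.group(1)) * _SUFFIX[m.group(2) or ""]

# Assumed policy parameters (constructed; SSD's real maxima are configured per policy).
MAX_LIMITS = {"cpu": "2", "memory": "2Gi"}
MAX_REQUESTS = {"cpu": "1", "memory": "1Gi"}
MAX_RATIO = 2.0  # limit / request may not exceed this

def evaluate_container(container):
    """Return the policy violations for one container spec (empty list = compliant)."""
    name = container.get("name", "<unnamed>")
    res = container.get("resources", {})
    limits, requests = res.get("limits", {}), res.get("requests", {})
    violations = []
    for kind in ("cpu", "memory"):
        # Block Container Without Limits: limit must exist and not exceed the maximum.
        if kind not in limits:
            violations.append(f"{name}: no {kind} limit set")
        elif parse_quantity(limits[kind]) > parse_quantity(MAX_LIMITS[kind]):
            violations.append(f"{name}: {kind} limit {limits[kind]} exceeds max {MAX_LIMITS[kind]}")
        # Block Container Without Request Limit: request must exist and not exceed the maximum.
        if kind not in requests:
            violations.append(f"{name}: no {kind} request set")
        elif parse_quantity(requests[kind]) > parse_quantity(MAX_REQUESTS[kind]):
            violations.append(f"{name}: {kind} request {requests[kind]} exceeds max {MAX_REQUESTS[kind]}")
        # Block Undefined Container Ratios: limit/request may not exceed MAX_RATIO.
        if kind in limits and kind in requests:
            req = parse_quantity(requests[kind])
            ratio = parse_quantity(limits[kind]) / req if req > 0 else float("inf")
            if ratio > MAX_RATIO:
                violations.append(f"{name}: {kind} limit/request ratio {ratio:.2f} exceeds {MAX_RATIO}")
    return violations

# Constructed sample: one compliant container, one that trips all three policies.
GOOD = {"name": "api", "resources": {"limits": {"cpu": "1", "memory": "1Gi"},
                                     "requests": {"cpu": "500m", "memory": "512Mi"}}}
BAD = {"name": "worker", "resources": {"limits": {"cpu": "4"},
                                       "requests": {"cpu": "250m", "memory": "256Mi"}}}
```

Running `evaluate_container(BAD)` reports a missing memory limit, a CPU limit above the maximum, and a CPU limit/request ratio of 16, which is the kind of finding SSD would surface as an alert or a blocked deployment.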

Refer to FedRAMP for more information.
