Compliance & Governance¶
Tools and frameworks for ensuring regulatory compliance, governance, and policy enforcement across cloud infrastructure and applications.
| Name | Description | Link |
|---|---|---|
| AWS Artifact | Provides access to AWS compliance reports and security/compliance documentation. | AWS Artifact |
| Azure Compliance Manager | Helps manage compliance activities and provides assessments and actionable insights. | Azure Compliance |
| Google Assured Workloads | Supports compliance requirements like FedRAMP, HIPAA, and CJIS in Google Cloud. | Assured Workloads |
Governance Fundamentals¶
- Policy definition - Define rules for resource usage and access
- Continuous compliance - Ongoing monitoring of compliance posture
- Auditability - Maintain logs and evidence for audits
- Shared responsibility - Understand provider vs customer responsibilities
Have any suggestions, additions, best-practices or references? Please contribute to help others learn!