Add Compliance Pages #12523
Add Compliance Pages #12523
Conversation
sean1588
force-pushed
the
sean/compliance-pages
branch
from
ed7a3ed to
6698927
Compare
|
Your site preview for commit 13d7018 is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-13d70183.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit 70df24d is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-70df24d0.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit cf5c865 is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-cf5c865f.s3-website.us-west-2.amazonaws.com. |
sean1588
force-pushed
the
sean/compliance-pages
branch
from
cf5c865 to
c22808a
Compare
|
Your site preview for commit c22808a is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-c22808ac.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit 9152c71 is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-9152c71e.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit 2944b86 is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-2944b86b.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit 07a0f63 is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-07a0f632.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit 0d22342 is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-0d223420.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit 2d125c2 is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-2d125c2e.s3-website.us-west-2.amazonaws.com. |
layouts/compliance/cis.html
Outdated
| <p> | ||
| CIS compliance is crucial for establishing strong security controls and safeguarding your cloud | ||
| infrastructure against cyber threats.Pulumi can assist you in making your AWS cloud infrastructure | ||
| CIS compliant. Pulumi can help you identify existing cloud resources that do not align with CIS |
There was a problem hiding this comment.
| CIS compliant. Pulumi can help you identify existing cloud resources that do not align with CIS | |
| CIS compliant. Pulumi can also help you identify existing cloud resources that do not align with CIS |
| {{ if eq .Params.cloud .Params.service }} | ||
| <section class="mt-4 py-4 px-4 md:px-0"> | ||
| <div class="container mx-auto max-w-4xl"> | ||
| <h3>ISO 27001 Compliance for your AWS infrastructure</h3> |
There was a problem hiding this comment.
Where did we get this list again? I just want to make sure its believable.
I found this https://drata.com/grc-central/iso-27001/checklist which is 8 and https://www.strongdm.com/blog/iso-27001-checklist which is 10. We have 11 which is an odd number. Just want to make sure this is somehow accurate
layouts/compliance/cis.html
Outdated
| {{ if eq .Params.cloud .Params.service }} | ||
| <section class="mt-4 py-4 px-4 md:px-0"> | ||
| <div class="container mx-auto max-w-4xl"> | ||
| <h3>CIS compliance for your AWS infrastructure</h3> |
There was a problem hiding this comment.
| <h3>CIS compliance for your AWS infrastructure</h3> | |
| <h3>CIS Compliance for your AWS Infrastructure</h3> |
I think we need that in caps to be consistent here
There was a problem hiding this comment.
Should we call it "CIS Compliance Checklist for Your AWS Infrastructure"
| <p class="py-4"> | ||
| Use <a href="/product/pulumi-insights/">Pulumi Insights</a> to gain visibility into your cloud | ||
| infrastructure's | ||
| configuration to assess {{ .Params.framework }} compliance. Pulumi Insights is Intelligence for |
There was a problem hiding this comment.
lets call it "Intelligent Cloud Management". And then "It helps you gain security, compliance, and cost insights into the entirety of your organization’s cloud assets and automatically remediate issues."
|
|
||
| <section class="mt-4 py-4 px-4 md:px-0"> | ||
| <div class="container mx-auto max-w-4xl"> | ||
| <h3>Compliance Ready Policies</h3> |
There was a problem hiding this comment.
Do we maybe have an image for this?
There was a problem hiding this comment.
Don't think we have any images. Maybe perhaps we can show a code snippet of it in use?
|
|
||
| <section id="sa-form" class="container mx-auto justify-center text-center m-4"> | ||
| <div class="w-full flex flex-col items-center lg:w-1/2 card bg-white mx-auto p-8"> | ||
| <h3>Talk to a Solutions Architect</h3> |
There was a problem hiding this comment.
Ok maybe the solution is put these things in 2 columns. Compliance for AWS services on the left and Talk to a Solutions Architect on the right. That way there isn't as much wasted whitespace
| </ul> | ||
| </div> | ||
| <div class="my-5 text-center"> | ||
| <p>Speak to a Solutions Architect to implement policy as code to manage {{ .Params.service }} resources for {{ .Params.framework }} compliance.</p> |
There was a problem hiding this comment.
So the way this is laid out you have the CTA and it literally just pops down a few lines to the form.
Maybe the right way to do this is just have each of the CTAs link off to https://www.pulumi.com/contact/ with the Expert Services option selected. This way it solves the rendering issue.
There was a problem hiding this comment.
I actually think this is a great idea! I'll see if it is possible though, since this form is injected at load time by hubspot and we may not have access to manipulate the individual elements in that subsection of the dom that they render into, which we will need in order to preselect that option.
| {{ if $cloud_page }} | ||
| <section class="mt-4 py-4 px-4 md:px-0"> | ||
| <div class="container mx-auto max-w-4xl"> | ||
| <h3>12 PCI DSS Requirements</h3> |
There was a problem hiding this comment.
should there be a dash between PCI and DSS?
There was a problem hiding this comment.
I thought there was, but when I went looking online I see it referenced everywhere without the dash. We may also want to consider renaming the page to just PCI and drop the DSS. From looking at keyword analytics, it seems there is a lot more volume when searching aws PCI compliance without the DSS rather than with the DSS.
| {{ if eq .Params.cloud .Params.service }} | ||
| <section class="mt-4 py-4 px-4 md:px-0"> | ||
| <div class="container mx-auto max-w-4xl"> | ||
| <h3>ISO 27001 Compliance for your AWS infrastructure</h3> |
There was a problem hiding this comment.
| <h3>ISO 27001 Compliance for your AWS infrastructure</h3> | |
| <h3>ISO 27001 Compliance for Your AWS Infrastructure</h3> |
| <strong>Regular Audits:</strong> Schedule regular internal audits to | ||
| review your configurations against the CIS benchmarks and update them as | ||
| needed. | ||
| </li> |
There was a problem hiding this comment.
Is there a reason we didn't add this as well like what we had on ISO?
By following these steps, you'll align your AWS cloud infrastructure with ISO 27001 requirements and help ensure the security of your information assets. Remember that achieving ISO 27001 compliance is an ongoing process, requiring regular reviews and updates to your ISMS.
|
Your site preview for commit 9571722 is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-95717229.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit c8eed3a is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-c8eed3a6.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit 5b49e27 is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-5b49e27b.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit 4ab41a9 is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-4ab41a92.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit 800073d is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-800073dc.s3-website.us-west-2.amazonaws.com. |
|
Your site preview for commit 3bfd448 is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-12523-3bfd4485.s3-website.us-west-2.amazonaws.com. |
This PR adds the compliance pages to the marketing site under the /compliance route.
The compliance pages are genned based on a JSON file (
pages.json) that contains the frameworks, clouds, and services to create pages for. There is acontrols.jsonfile that contains a list of controls for each of the aws services listed in the pages.json file. This file is genned by scraping the controls listed in AWS security hub when runningmake generate-compliance-pages.Currently this contains support for 3 compliance frameworks
ISO 27001(temporarily removing this framework to start)CIS(temporarily removing this framework to start)There is a template page file for each framework that contains the content for the framework as well as a template for the overall list page. The page has templatized values that get populated on the page from the data in the JSON file (service, cloud, description, etc).
The url structure is very shallow at least to start. There is one top level page at /compliance and then all the compliance pages live under the compliance route with a url slug of
<framework>-<cloud>-<service>. e.g. /compliance/pci-dss-aws-ec2.