Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/finos/compliant-financial-infrastructure

Compliant Financial Infrastructure accelerates the development, deployment and adoption of cloud services in a way that adheres to common security and regulatory controls.
https://github.com/finos/compliant-financial-infrastructure

aws azure cloud cloud-service-certification finos gcp infrastructure-as-code

Last synced: about 2 months ago
JSON representation

Compliant Financial Infrastructure accelerates the development, deployment and adoption of cloud services in a way that adheres to common security and regulatory controls.

Awesome Lists containing this project

README

        

[![FINOS - Incubating](https://cdn.jsdelivr.net/gh/finos/contrib-toolbox@master/images/badge-incubating.svg)](https://finosfoundation.atlassian.net/wiki/display/FINOS/Incubating)
[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/6557/badge)](https://bestpractices.coreinfrastructure.org/projects/6557)
[](https://finos-lf.slack.com/messages/cfi/)

# Compliant Financial Infrastructure

Compliant Financial Infrastructure (CFI) seeks to accelerate the development,
deployment and adoption of services provided for infrastructure in a way that
complies with common regulatory and internal security controls.

## Objectives

The CFI community collaboratively maintains a series of standalone resources that fall into two categories:

1. Infrastructure as Code modules
2. Compliance Validation Plugins

Each resource maintained by the community are designed according to the controls produced by the Common Cloud Controls (CCC) project.

### Ways of Working

All outputs should be independently version controlled in standalone repositories. For example, one repo might exist for each _OpenTofu/Terraform_ child module.
Similarly, a separate repo might exist for every _Privateer Raid_ validator plugin.

Prior to completion, it is expected that development takes place in a code repository that is managed by the contributor (personal or organization). When the contribution is feature complete, the CFI community will review the contribution for acceptance into the FINOS namespace.

Contributors should collaborate openly with the community to avoid duplication of effort, such as two teams independently developing a validator for the same cloud service or controls.

If desired, the contributing team may retain their attribution on the repository's README for as long as they are leading the maintenance and updates of the resource.

## Join the Community!

The CFI community has a monthly call where we synchronize our efforts and share lessons learned. Join us through the [FINOS Calendar](https://www.finos.org/calendar) on the second Wednesday of every month.

You can also join us on [Slack](https://finos-lf.slack.com/messages/cfi)!

For more information about how to engage with the rest of the community and contribute to the project, view the documentation and links [here](docs/CONTRIBUTING.md).

Please feel free to request changes via [GitHub Issues](https://github.com/finos/compliant-financial-infrastructure/issues).

### Thank you to our contributors!

## Security Concerns

If you have any security concerns related to this project, please [create an issue on this repository](https://github.com/finos/compliant-financial-infrastructure/issues/new/choose) _or_ create an issue on the repository associated with your concern.