-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove cloud.gov ref #3
Conversation
related to issue #2 |
|
||
' | ||
standard_key: NIST-800-53 | ||
- control_key: AC-6 | ||
covered_by: [] | ||
implementation_status: none | ||
narrative: 'IAM policies are attached to the users, enabling centralized control | ||
of permissions for users under 18F AWS Account to access services, buckets or | ||
objects. With IAM policies, 18F only grant users within its own AWS account permission | ||
of permissions for users under the ogranizations AWS Account to access services, buckets or |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor: Should be organization's
. Ditto throughout.
\ groups, network ACLs, routing tables, and external gateways. Each of these items\ | ||
\ is complementary to providing a secure, isolated network.\nNetwork Access control\ | ||
\ lists (ACLs) are created to allow or deny traffic entering or exiting these\ | ||
\ subnets. Each subnet has routing tables attached to them to direct the flow\ | ||
\ of network traffic to Internet gateways, virtual private gateways, Network Address\ | ||
\ Translation (NAT) for private subnets.\n18F\u2019s virtual private cloud infrastructure\ | ||
\ Translation (NAT) for private subnets.\nThe organization\u2019s VPC infrastructure\ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mind avoiding special characters?
Corrections based on feedback (spelling, grammar etc.)
Looks good, thanks! |
+1 thanks for this improvement. |
I wanted to make this a more abstract component content so I can reuse it for other SSPs and possibly added more components to it. The specific usage of this content should be spoken to on the consumer of the AWS service layer. If I'm off basis let me know :)
related to issue #2
@geramirez @jcscottiii @afeld