/compliance-masonry

Security Documentation Builder

Primary LanguageGoOtherNOASSERTION

Compliance Masonry

Release Go Report Card Code Climate codecov.io Circle CI Build status

Compliance Masonry is a command-line interface (CLI) that allows users to construct certification documentation using the OpenControl Schema.

Overview

To learn about Compliance Masonry at a high level:

screen shot 2016-04-12 at 12 22 02 pm

Benefits

Modern applications are built on existing systems such as S3, EC2, and Cloud Foundry. Documentation for how these underlying systems fulfill NIST controls or PCI SSC Data Security Standards is a prerequisite for receiving authorization to operate (ATO). Unlike most System Security Plan documentation, Compliance Masonry documentation is built using OpenControl Schema, a machine readable format for storing compliance documentation.

Compliance Masonry simplifies the process of certification documentations by providing:

  1. a data store for certifications (ex FISMA), standards (ex NIST-800-53), and the individual system components (ex AWS-EC2).
  2. a way for government projects to edit existing files and also add new control files for their applications and organizations.
  3. a pipeline for generating clean and standardized certification documentation.

Installation

Compliance Masonry is packaged into a downloadable executable program for those who want to use Compliance Masonry without the need to install any external dependencies or programs.

MacOS

You can install compliance-masonry on MacOS using the following methods:

DMG Installation

  1. Go to the Github Release.
  2. Download the DMG package that ends in .dmg.
  3. Double-click on the MSI package.
  4. Simply drag the compliance-masonry icon to your Applications folder.

Homebrew Installation

brew install opencontrol/compliance-masonry/compliance-masonry

Installing from Archive

  1. Go to the Github Release.
  2. Download the archive package that corresponds to your machine and operating system.
    • For 32 Bit MacOS, you'll want the file ending _darwin_386.zip
    • For 64 Bit MacOS, you'll want the file ending _darwin_amd64.zip
  3. Unzip the archive. The resulting folder should contain a file called masonry.
  4. In your terminal, copy masonry to /usr/local/bin.
cd path/to/unarchived/masonry
cp masonry /usr/local/bin

NOTE: If you need the legacy binary, make sure to also copy compliance-masonry to /usr/local/bin!

Windows

You can install compliance-masonry on Windows using the following methods:

MSI Installation

  1. Go to the Github Release.
  2. Download the MSI package that ends in .msi.
  3. Double-click on the MSI package and click through the installation prompts.

Installing from Archive

  1. Go to the Github Release.
  2. Download the archive package that corresponds to your machine and operating system.
    • For 32 Bit Windows, you'll want the file ending _windows_386.zip
    • For 64 Bit Windows, you'll want the file ending _windows_amd64.zip
  3. Double-click on the downloaded package to unzip the archive. The resulting folder should contain a file called masonry.exe.
  4. Create a folder, e.g. C:\Masonry\bin.
  5. Drag masonry.exe into the new folder.
  6. Open PowerShell.
    • Search your Start menu / Cortana for it.
  7. Add C:\Masonry\bin to your PATH.

NOTE: If you need the legacy binary, make sure to also copy compliance-masonry.exe to C:\Masonry\bin!

Linux

You can install compliance-masonry on Linux using the following methods:

Package installation

  1. Go to the Github Release.
  2. Download the .deb or .rpm package that corresponds to your machine and operating system.
  3. Install the .deb or .rpm package using the following methods:
YUM Installation
sudo yum -y install compliance-masonry*.rpm
DNF Installation
sudo dnf -y install compliance-masonry*.rpm
DEB Installation
sudo apt install compliance-masonry*.rpm

Installing from Archive

  1. Go to the Github Release.
  2. Download the archive package that corresponds to your machine and operating system.
  3. Unzip the archive.
  4. In your terminal, copy masonry to /usr/local/bin. In your terminal, run the following:
cd path/to/unarchived/masonry
sudo cp masonry /usr/local/bin

NOTE: If you need the legacy binary, make sure to also copy compliance-masonry to /usr/local/bin!

Examples

See this list of OpenControl project examples.

Further Reading