Skip to content

Commit

Permalink
fix constraints (#1070)
Browse files Browse the repository at this point in the history
  • Loading branch information
@wandmagic
wandmagic authored Jan 7, 2025
1 parent fc50a42 commit d7b0623
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions src/validations/constraints/fedramp-external-constraints.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@
<let var="aggregate-parameters" expression="$resolved-profile//param[prop[@name='aggregates']]/@id"/>
<let var="implemented-parameters-map" expression="map:merge(//set-parameter ! map:entry(@param-id,.))?*"/>
<let var="implemented-statements-map" expression="map:merge(//statement ! map:entry(@statement-id,.))?*"/>
<let var="required-response-points-map" expression="map:merge($resolved-profile//part[(prop[@name='response-point'])] ! map:entry(@id,.))?*"/>
<let var="required-response-points-map" expression="map:merge($resolved-profile//part[@name='statement' and (prop[@name='response-point'])] ! map:entry(@id,.))?*"/>
<index name="index-implemented-statements" target="$implemented-statements-map">
<formal-name>Statements implimented in SSP</formal-name>
<description>This index includes all statements defined in a FedRAMP SSP</description>
Expand All @@ -92,12 +92,12 @@
<prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#external-systems-and-services-not-having-fedramp-authorization"/>
<message>A FedRAMP SSP MUST have each component describing leveraged systems, interconnections, or authorized services identify a "provider" role that references one responsible party.</message>
</expect>
<index-has-key id='extraneous-implemented-requirements' target="//implemented-requirement" name="index-imported-controls" level="ERROR">
<index-has-key id='extraneous-implemented-requirements' target="//implemented-requirement" name="index-imported-controls" level="WARNING">
<formal-name>Additional Controls Implemented Not in Baseline</formal-name>
<description>A FedRAMP SSP MUST NOT include extraneous controls outside of the FedRAMP baseline.</description>
<description>A FedRAMP SSP SHOULD NOT include extraneous controls outside of the FedRAMP baseline.</description>
<prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/6-security-controls/#implementation-status"/>
<key-field target="@control-id"/>
<message>A FedRAMP SSP MUST NOT include extraneous controls outside of the FedRAMP baseline. Extraneous control: ({@control-id}).</message>
<message>A FedRAMP SSP SHOULD NOT include extraneous controls outside of the FedRAMP baseline. Extraneous control: ({@control-id}).</message>
</index-has-key>

<index name="index-implemented-parameters" target="$implemented-parameters-map">
Expand Down

0 comments on commit d7b0623

Please sign in to comment.