Add leveraged-authorization-has-valid-impact-level Constraint
#913
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
18 tasks
Gabeblis
changed the title
leveraged-authorization-matches-impact-level constraintleveraged-authorization-has-valid-impact-level constraint
Gabeblis
force-pushed
the
constraints/leveraged-authorization-impact-level
branch
4 times, most recently
from
dd9dc71 to
cf28b02
Compare
aj-stein-gsa
requested changes
Nov 20, 2024
Gabeblis
force-pushed
the
constraints/leveraged-authorization-impact-level
branch
from
45f01c4 to
e98cbd0
Compare
Gabeblis
changed the title
leveraged-authorization-has-valid-impact-level constraintleveraged-authorization-has-valid-impact-level Constraint
Gabeblis
force-pushed
the
constraints/leveraged-authorization-impact-level
branch
from
e98cbd0 to
a485fe4
Compare
aj-stein-gsa
requested changes
Nov 20, 2024
aj-stein-gsa
previously approved these changes
Nov 22, 2024
Gabeblis
dismissed stale reviews from aj-stein-gsa and wandmagic
via
a403c4b
Gabeblis
force-pushed
the
constraints/leveraged-authorization-impact-level
branch
2 times, most recently
from
423dc35 to
2d17552
Compare
wandmagic
previously approved these changes
Nov 25, 2024
Gabeblis
dismissed stale reviews from DimitriZhurkin, Rene2mt, and wandmagic
via
c89f710
Gabeblis
force-pushed
the
constraints/leveraged-authorization-impact-level
branch
2 times, most recently
from
31f0ee4 to
bf5b3bf
Compare
Gabeblis
requested review from
Rene2mt,
wandmagic,
DimitriZhurkin and
a team
Gabeblis
force-pushed
the
constraints/leveraged-authorization-impact-level
branch
from
bf5b3bf to
e694da4
Compare
aj-stein-gsa
previously approved these changes
Nov 29, 2024
wandmagic
previously approved these changes
Dec 2, 2024
DimitriZhurkin
previously requested changes
Dec 2, 2024
wandmagic
approved these changes
Dec 2, 2024
kyhu65867
approved these changes
Dec 2, 2024
aj-stein-gsa
approved these changes
Dec 2, 2024
There was a problem hiding this comment.
Review acceptance criteria and related documentation updates to the website in GSA/automate.fedramp.gov#124, looks good to go. 🚢
wandmagic
added a commit
to wandmagic/fedramp-automation
that referenced
this pull request
Dec 11, 2024
commit f010473 Author: wandmagic <156969148+wandmagic@users.noreply.github.com> Date: Tue Dec 10 15:08:00 2024 -0500 re-introduce implemented-requirements constraints (GSA#981) * re-introduce implemented-requirements constraints * add doc available check for health url * fix spacing * Update src/validations/constraints/fedramp-external-constraints.xml Co-authored-by: Gabeblis <gabriel.rodriguez@gsa.gov> * Update src/validations/constraints/fedramp-external-constraints.xml Co-authored-by: Gabeblis <gabriel.rodriguez@gsa.gov> --------- Co-authored-by: Gabeblis <gabriel.rodriguez@gsa.gov> commit c0ad00e Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Mon Dec 9 17:17:47 2024 -0500 Adjust link for all profiles (GSA#979) commit 8561600 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Mon Dec 9 11:27:48 2024 -0500 Add Components To `information-type-800-60-v2r1` Allowed Values (GSA#973) * Add Leveraged Authorizations and External, Interconnected, and Unauthorized Systems components to information-type allowed values * Adjust constraint target commit 788b67e Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Mon Dec 9 09:32:35 2024 -0500 Fix constraint targets (GSA#974) commit 9d7946c Author: A.J. Stein <alexander.stein@gsa.gov> Date: Fri Dec 6 17:10:04 2024 -0500 [chore] Update container image to cli v2.4.0 (GSA#971) commit b2c9712 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Fri Dec 6 15:26:04 2024 -0500 Add `used-by-link-references-component` constraint (GSA#972) * Add 'used-by-link-references-component' constraint * Fix message Co-authored-by: Kylie Hunter <kylie.hunter@gsa.gov> * fix message Co-authored-by: DimitriZhurkin <dimitri.zhurkin@noblis.org> --------- Co-authored-by: Kylie Hunter <kylie.hunter@gsa.gov> Co-authored-by: DimitriZhurkin <dimitri.zhurkin@noblis.org> commit 3dac668 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Fri Dec 6 13:43:16 2024 -0500 Add `component-has-used-by-link` constraint (GSA#970) * Add constraint 'protocol-has-used-by-link' * Fix message * Change constraint id * Fix message (last time) * Update src/validations/constraints/content/ssp-component-has-used-by-link-INVALID.xml Co-authored-by: A.J. Stein <aj@gsa.gov> --------- Co-authored-by: A.J. Stein <aj@gsa.gov> commit c3db2b2 Author: DimitriZhurkin <dimitri.zhurkin@noblis.org> Date: Thu Dec 5 13:07:39 2024 -0700 Add inter-boundary-component-has-direction constraint (GSA#930) (GSA#968) commit 5d6710f Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Thu Dec 5 13:32:28 2024 -0500 Fix dev-constraint.js bug (GSA#967) commit a7f9022 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Thu Dec 5 13:23:21 2024 -0500 Add exists() to tests and remove duplicate constraint and fix system-implementation context (GSA#966) Remove duplicate constraint and fix system-implementation context commit 780b38a Author: wandmagic <156969148+wandmagic@users.noreply.github.com> Date: Thu Dec 5 12:50:29 2024 -0500 Hotfix/deprecate all valid (GSA#960) * deprecate ssp-all-valid * Update src/validations/constraints/content/ssp-has-network-architecture-diagram-link-href-target-VALID-1.xml Co-authored-by: A.J. Stein <aj@gsa.gov> * Update src/validations/constraints/content/ssp-has-authorization-boundary-diagram-link-href-target-VALID-1.xml Co-authored-by: A.J. Stein <aj@gsa.gov> * Update src/validations/constraints/content/ssp-has-data-flow-diagram-link-href-target-VALID-1.xml Co-authored-by: A.J. Stein <aj@gsa.gov> * Update src/validations/constraints/content/ssp-has-network-architecture-diagram-link-href-target-VALID-1.xml Co-authored-by: A.J. Stein <aj@gsa.gov> * Update fedramp-ssp-example.oscal.xml --------- Co-authored-by: A.J. Stein <aj@gsa.gov> commit 2c0e4de Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Thu Dec 5 10:21:00 2024 -0500 Change cia-has-selected test (GSA#965) commit 9a8e155 Author: wandmagic <156969148+wandmagic@users.noreply.github.com> Date: Wed Dec 4 15:30:29 2024 -0500 Update fedramp-ssp-example.oscal.xml (GSA#959) commit 5f7ce81 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 23:38:31 2024 +0000 change example ssp location commit 56f399e Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 23:23:59 2024 +0000 Edit content to make constraints pass commit d521a22 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 19:12:01 2024 +0000 Delete extra ssp commit 8cfb601 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 17:39:38 2024 +0000 Add example ssp to content file and edit constraint script to point yaml pass file to example ssp commit ff8f812 Author: ~ . ~ <paul.n.wand@gsa.gov> Date: Tue Dec 3 13:50:22 2024 -0500 fix ssp to pass tests commit 85ec424 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 17:17:18 2024 +0000 Add example ssp to content file and edit constraint script to point yaml pass file to example ssp commit 7312686 Author: Kylie Hunter <kylie.hunter@gsa.gov> Date: Mon Nov 25 16:15:01 2024 -0700 Add connection-security prop constraint for GSA#931 commit 6ccb539 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 16:39:47 2024 -0500 Add `issue-893` Constraints (GSA#949) * Add component-has-non-provider-responsible-role and tests * Add constraints and tests * Edit message commit dd3be5f Author: wandmagic <156969148+wandmagic@users.noreply.github.com> Date: Tue Dec 3 16:39:32 2024 -0500 remove rev4 constraints (GSA#954) commit 113c4f5 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 15:42:43 2024 -0500 Fix Bug Issue GSA#940 (GSA#951) commit c6f8e8f Author: wandmagic <156969148+wandmagic@users.noreply.github.com> Date: Tue Dec 3 13:08:35 2024 -0500 implementation point constraint (GSA#936) * implementation point constraint * add help uri * improve constraint * add extra fail content * Update src/validations/constraints/content/ssp-all-VALID.xml Co-authored-by: DimitriZhurkin <dimitri.zhurkin@noblis.org> * Update fedramp-external-constraints.xml Co-authored-by: Rene Tshiteya <rene-claude.tshiteya@gsa.gov> * implementation point constraint * add help uri * improve constraint * add extra fail content * Update src/validations/constraints/content/ssp-all-VALID.xml Co-authored-by: DimitriZhurkin <dimitri.zhurkin@noblis.org> * Update fedramp-external-constraints.xml Co-authored-by: Rene Tshiteya <rene-claude.tshiteya@gsa.gov> * add needed props to all valid * rebase Co-Authored-By: A.J. Stein <aj@gsa.gov> * Update src/validations/constraints/fedramp-external-constraints.xml Co-authored-by: A.J. Stein <aj@gsa.gov> --------- Co-authored-by: DimitriZhurkin <dimitri.zhurkin@noblis.org> Co-authored-by: Rene Tshiteya <rene-claude.tshiteya@gsa.gov> Co-authored-by: A.J. Stein <aj@gsa.gov> commit 1377478 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 08:57:37 2024 -0500 Add `component-responsible-role-references-party` constraint (GSA#945) * Add constraint 'component-responsible-role-references-party' and tests * correct test * Rename constraint and adjust help-url * Edit message Co-authored-by: A.J. Stein <aj@gsa.gov> --------- Co-authored-by: A.J. Stein <aj@gsa.gov> commit a8461fb Author: ~ . ~ <paul.n.wand@gsa.gov> Date: Mon Dec 2 11:09:13 2024 -0500 pin server + update oscal-js version commit b82c417 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Mon Dec 2 14:07:05 2024 -0500 Add `leveraged-authorization-has-valid-impact-level` Constraint (GSA#913) * Add leveraged-authorization constraint * rename constraint * fix constraint test * correct constraint test * Change 'http' to 'https' * Add level commit 1db5f97 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Mon Dec 2 13:13:17 2024 -0500 Constraints/cleanup constraints file (GSA#946) * clean up fedramp-external-constraints.xml * fix * Add message to fully-operational-date-type
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Committer Notes
Purpose
This PR adds a constraint to ensure that a digital authorization package maintains appropriate FIPS-199 impact levels for leveraged authorizations within an SSP. This update helps avoid pass-back errors by aligning with the system's security sensitivity level (e.g., low, moderate, or high).
Changes
expectconstraint to check that all leveraged authorizations define the appropriate FIPS-199 impact level (low, moderate, or high).ssp-all-VALID.xmlto have proper data to trigger the constraint and pass.All Submissions:
- [ ] If applicable, have all FedRAMP Documents Related to OSCAL Adoption affected by the changes in this issue have been updated.?Documentation already existsBy submitting a pull request, you are agreeing to provide this contribution under the CC0 1.0 Universal public domain dedication.