What is DOD Cloud IaC?
Infrastructure as Code is a product that leverages IaC automation to generate preconfigured, Platform as a Service (PaaS) focused environments. DOD Cloud IaC creates the basic building blocks that all DOD systems need. It helps to jump start setting up networking, auditing, identity, and notifies administrators if they configure something outside of DOD security standards.
Why DOD Cloud IaC?
Adoption of cloud services can take over a year. This is even after FEDRAMP and DISA Provisional Authorization (PA). That is a long time and a lot of effort to go live without cloud services. DOD Cloud IaC enables you to overcome most of the design complexities inherent to standing up a cloud environment.
The Speed of DOD Cloud IaC
DOD Cloud IaC supports accelerated adoption by leveraging automation in the form of IaC templates that build out cloud environments in minutes. DOD Cloud IaC also speeds the authorization process with inheritable common controls and the use of PaaS services which eliminate the need for STIGs, ACAS and HBSS. This means that DOD Cloud IaC can deliver organizations a PaaS environment quickly and efficiently.
What’s in DOD Cloud IaC?
Using an IaC template, you will start with Network Security, Audit Logging, Enterprise Identity & Authentication, Least Privilege Model, and Secure Configuration Policies. All this gives you a quick and easy starting point for your PaaS. You are also able to extend the templates for additional instances of an application or database while still meeting security requirements.
DOD Cloud IaC provides real-time continuous monitoring using 200+ Policies to enforce secure cloud configuration. There is also built-in integration with Security Information and Event Management (SIEM) & Security Orchestration, Automation, and Response (SOAR) tools for real-time alerting and threat identification.
Identity Solution
DOD Cloud IaC provides a complete identity solution for both privileged users and application-level CAC users. It also integrates with DISA’s Global Directory service to federate with DOD’s Enterprise Identity Infrastructure.