DOD Cloud IaC

DOD Cloud Infrastructure as Code (IaC) is a collection of preconfigured templates that use automation to build secure cloud environments. The DOD Cloud IaC templates, called “baselines,” use automation to generate preconfigured, preauthorized, Platform as a Service (PaaS) focused environments. These IaC baselines for Microsoft Azure (Azure), Amazon Web Services (AWS), Google Cloud Platform (GCP), and Oracle Cloud Infrastructure (OCI).

DOD Cloud IaC helps customers adopt cloud smarter and faster, providing our customers with the best value service for their cloud journey. HaCers deploy the baselines in a short onboarding session, which significantly shortens our customers’ cloud journeys.

Why DOD Cloud IaC?

DOD Cloud IaC streamlines cloud deployment, authorization, and security for customers, shortening the typical cloud journey by seven months. DOD Cloud IaC uses automation to accelerate cloud adoption in the form of baselines that build out cloud environments in hours. It also speeds up the authorization process with inheritable common controls and the use of PaaS services, which eliminate the need for Security Technical Implementation Guides (STIGs), Assured Compliance Assessment Solution (ACAS), and Host-Based Security System (HBSS). The DOD Cloud IaC baseline has successfully shortened the deployment of the networking, identity, and security policies for security compliance from the standard 30 weeks down to just two hours.

Features.

DOD Cloud IaC supports accelerated adoption by leveraging automation in the form of IaC templates that build out cloud environments in minutes. DOD Cloud IaC also speeds the authorization process with inheritable common controls and the use of PaaS services which eliminate the need for STIGs, ACAS, and HBSS. This means that DOD Cloud IaC can deliver organizations a PaaS environment quickly
and efficiently.

• Authorization to Operate (ATO) from the DISA Risk Management Executive (RME).
• 100+ Common Controls in Enterprise Mission Assurance Support Service (eMASS) to expedite mission application Assessment & Authorization (A&A).
• Complete identity solution for both privileged users and application-level CAC users, including integration with DISA’s Global Directory service to federate with DOD’s Enterprise
  Identity Infrastructure.
• Baselines at IL2, IL4, IL5 and IL6.
• Real-time continuous monitoring & compliance.
• Architecture standardization support across all Impact Levels (IL) and classifications.
• Cloud service provider (CSP) offerings including native security services and PaaS, which improve integration and technology insertion, reducing the burden of middleware integration, hardening
  and patching.
• Monthly updates that incorporate the latest CSP PaaS services.

Getting started.

Baselines are currently available for Azure, AWS, GCP, and OCI. If you are interested in learning more about DOD Cloud IaC, use the ‘contact us’ form to connect with our team.