Compliance Masonry
Compliance Masonry is a command-line interface (CLI) that allows users to construct certification documentation using the OpenControl Schema.
Overview
To learn about Compliance Masonry at a high level:
Benefits
Modern applications are built on existing systems such as S3, EC2, and Cloud Foundry. Documentation for how these underlying systems fulfill NIST controls or PCI SSC Data Security Standards is a prerequisite for receiving authorization to operate (ATO). Unlike most System Security Plan documentation, Compliance Masonry documentation is built using OpenControl Schema, a machine readable format for storing compliance documentation.
Compliance Masonry simplifies the process of certification documentations by providing:
- a data store for certifications (ex FISMA), standards (ex NIST-800-53), and the individual system components (ex AWS-EC2).
- a way for government projects to edit existing files and also add new control files for their applications and organizations.
- a pipeline for generating clean and standardized certification documentation.
Installation
Compliance Masonry is packaged into a downloadable executable program for those who want to use Compliance Masonry without the need to install any external dependencies or programs.
MacOS
You can install compliance-masonry on MacOS using the following methods:
DMG Installation
- Go to the Github Release.
- Download the DMG package that ends in
.dmg. - Double-click on the MSI package.
- Simply drag the compliance-masonry icon to your Applications folder.
Installing from Archive
- Go to the Github Release.
- Download the archive package that corresponds to your machine and operating system.
- For 32 Bit MacOS, you'll want the file ending
_darwin_386.zip - For 64 Bit MacOS, you'll want the file ending
_darwin_amd64.zip
- For 32 Bit MacOS, you'll want the file ending
- Unzip the archive. The resulting folder should contain a file called
masonry. - In your terminal, copy
masonryto/usr/local/bin.
cd path/to/unarchived/masonry
cp masonry /usr/local/binNOTE: If you need the legacy binary, make sure to also copy compliance-masonry to /usr/local/bin!
Windows
You can install compliance-masonry on Windows using the following methods:
MSI Installation
- Go to the Github Release.
- Download the MSI package that ends in
.msi. - Double-click on the MSI package and click through the installation prompts.
Installing from Archive
- Go to the Github Release.
- Download the archive package that corresponds to your machine and operating system.
- For 32 Bit Windows, you'll want the file ending
_windows_386.zip - For 64 Bit Windows, you'll want the file ending
_windows_amd64.zip
- For 32 Bit Windows, you'll want the file ending
- Double-click on the downloaded package to unzip the archive. The resulting folder should contain a file called
masonry.exe. - Create a folder, e.g.
C:\Masonry\bin. - Drag
masonry.exeinto the new folder. - Open PowerShell.
- Search your Start menu / Cortana for it.
- Add
C:\Masonry\binto yourPATH.
NOTE: If you need the legacy binary, make sure to also copy compliance-masonry.exe to C:\Masonry\bin!
Linux
You can install compliance-masonry on Linux using the following methods:
Package installation
- Go to the Github Release.
- Download the
.debor.rpmpackage that corresponds to your machine and operating system. - Install the
.debor.rpmpackage using the following methods:
YUM Installation
sudo yum -y install compliance-masonry*.rpmDNF Installation
sudo dnf -y install compliance-masonry*.rpmDEB Installation
sudo apt install compliance-masonry*.rpmInstalling from Archive
- Go to the Github Release.
- Download the archive package that corresponds to your machine and operating system.
- Unzip the archive.
- In your terminal, copy
masonryto/usr/local/bin. In your terminal, run the following:
cd path/to/unarchived/masonry
sudo cp masonry /usr/local/binNOTE: If you need the legacy binary, make sure to also copy compliance-masonry to /usr/local/bin!
Examples
See this list of OpenControl project examples.