AGENDA for 2020-01-16
Meeting minutes status: Draft (pending approval)
...
| Name | Organisation | Github ID (optional) |
|---|---|---|
| Jason Nelson | JPMC | |
| James McLeod | FINOS | |
| Tosha Ellison | FINOS | |
| Rob Underwood | FINOS | |
| Kirsten Newcomer | Red Hat | |
| Abdullah Garcia | JPMC | |
| Anthony Golia | Red Hat | |
| Eric Tice | Wipro | |
| Freedie Leadsom | Deutsche Bank |
Outstanding Action Items
<insert a {Task report} macro here, configured with the group's task page>
...
| Time | Item | Who | Notes from the Meeting |
|---|---|---|---|
| 5 min | Convene & roll call | ||
| 5 min | Approve minutes from previous meeting | ||
| 30min | Jamil and Kirsten to run through the OCP3 repo and introduce the group to the content and how it's executed. During the call we should decide if the repo should be represented in the CSC wiki as a constant and useful reference. | Jamil Mina Kirsten Newcomer Anthony Golia | |
| 15 min | Story Grooming and Epic Setting | Jason and James |
|
| 5 min | AOB |
...
Links Shared
Compliance as Code: https://github.com/ComplianceAsCode/content/blob/master/README.md
CIS Benchmarks: https://www.cisecurity.org/cis-benchmarks/
CSA matrix: https://cloudsecurityalliance.org/research/cloud-controls-matrix/
OpenSCAP open source project: https://www.open-scap.org/
There is also another open source tool for kubernetes: https://github.com/aquasecurity/kube-bench/releases
Action Items
Capture any actions that were identified here, and make sure they are also captured on the group's task page during, or immediately after, the meeting
- Jamil Mina to provide regulation mapping document from RedHat into CSC repo by PR
- Jamil Mina to have conversation with James McLeod (Unlicensed) regarding Red Hat contribution
- Freddie Leadsom to raise PR against the Cloud Service Certification wiki to update content from outside the team
- Jason Nelson to provide initial stories in GitHub to enable the team to move forward writing compliant cloud scripts