Compliance Masonry is a command-line interface (CLI) that allows users to construct certification documentation using the OpenControl Schema.
To learn about Compliance Masonry at a high level:
Modern applications are built on existing systems such as S3, EC2, and Cloud Foundry. Documentation for how these underlying systems fulfill NIST controls or PCI SSC Data Security Standards is a prerequisite for receiving authorization to operate (ATO). Unlike most System Security Plan documentation, Compliance Masonry documentation is built using OpenControl Schema, a machine readable format for storing compliance documentation.
Compliance Masonry simplifies the process of certification documentations by providing:
- a data store for certifications (ex FISMA), standards (ex NIST-800-53), and the individual system components (ex AWS-EC2).
- a way for government projects to edit existing files and also add new control files for their applications and organizations.
- a pipeline for generating clean and standardized certification documentation.
Compliance Masonry is packaged into a downloadable executable program for those who want to use Compliance Masonry without the need to install any external dependencies or programs.
You can install compliance-masonry on MacOS using the following methods:
- Go to the Github Release.
- Download the DMG package that ends in
.dmg. - Double-click on the MSI package.
- Simply drag the compliance-masonry icon to your Applications folder.
brew install opencontrol/compliance-masonry/compliance-masonry- Go to the Github Release.
- Download the archive package that corresponds to your machine and operating system.
- For 32 Bit MacOS, you'll want the file ending
_darwin_386.zip - For 64 Bit MacOS, you'll want the file ending
_darwin_amd64.zip
- For 32 Bit MacOS, you'll want the file ending
- Unzip the archive. The resulting folder should contain a file called
masonry. - In your terminal, copy
masonryto/usr/local/bin.
cd path/to/unarchived/masonry
cp masonry /usr/local/binNOTE: If you need the legacy binary, make sure to also copy compliance-masonry to /usr/local/bin!
You can install compliance-masonry on Windows using the following methods:
- Go to the Github Release.
- Download the MSI package that ends in
.msi. - Double-click on the MSI package and click through the installation prompts.
- Go to the Github Release.
- Download the archive package that corresponds to your machine and operating system.
- For 32 Bit Windows, you'll want the file ending
_windows_386.zip - For 64 Bit Windows, you'll want the file ending
_windows_amd64.zip
- For 32 Bit Windows, you'll want the file ending
- Double-click on the downloaded package to unzip the archive. The resulting folder should contain a file called
masonry.exe. - Create a folder, e.g.
C:\Masonry\bin. - Drag
masonry.exeinto the new folder. - Open PowerShell.
- Search your Start menu / Cortana for it.
- Add
C:\Masonry\binto yourPATH.
NOTE: If you need the legacy binary, make sure to also copy compliance-masonry.exe to C:\Masonry\bin!
You can install compliance-masonry on Linux using the following methods:
- Go to the Github Release.
- Download the
.debor.rpmpackage that corresponds to your machine and operating system. - Install the
.debor.rpmpackage using the following methods:
sudo yum -y install compliance-masonry*.rpmsudo dnf -y install compliance-masonry*.rpmsudo apt install compliance-masonry*.rpm- Go to the Github Release.
- Download the archive package that corresponds to your machine and operating system.
- Unzip the archive.
- In your terminal, copy
masonryto/usr/local/bin. In your terminal, run the following:
cd path/to/unarchived/masonry
sudo cp masonry /usr/local/binNOTE: If you need the legacy binary, make sure to also copy compliance-masonry to /usr/local/bin!