HomeGuidesAPI ReferenceChangelogDiscussions
Log In

RegScale FedRAMP CLI

The FedRAMP (Federal Risk and Authorization Management Program) CLI command is used to bulk-process and load OSCAL formatted JSON files into RegScale. It serves the following purposes:

  • Performs bulk loading of data via the command line
  • Allows for scripting the loading of many files in batch
  • Avoids the need to custom code FedRAMP file loading into RegScale via APIs
    The current CLI supports bulk uploading of:
  • SSP
    Future iterations will support loading Security Assessment Plan (SAP) and Security Assessment Report (SAR) from FedRAMP OSCAL templates.
    NOTE - all importers only support OSCAL JSON files. XML and YAML are not supported.

Supported CLI Commands

The following commands are supported via this CLI:

Load an OSCAL formatted SSP

Usage: regscale fedramp load-fedramp-oscal --file_name ./very_important_fedramp_ssp.json
A list of parameters available:

  • file_name - a path to the file for the SSP you are creating. # Required
  • submission_date - a submission date for the SSP, defaulted to today. [YYYY-MM-DD] format
  • expiration_date - an expiration date for the SSP, defaulted to 3 years from now. [YYYY-MM-DD] format

Load a MS Word formatted SSP

Usage: regscale fedramp load-fedramp-docx --file_name './path/to/yourSSP.docx'
A list of parameters available:

  • file_name - a path to the file for the SSP you are creating. # Required
  • base_fedramp_profile - the name of the RegScale profile to use. Defaults to FedRAMP - High
  • add_missing - True|False Will add controls that are in the security plan but not in the profile. Defaults to False
  • save_data - True|False Will save the data as a json file. Defaults to False

Example FedRAMP Documents

The FedRAMP Program Management Office (PMO) maintains a github repository with a wealth of OSCAL templates, document templates, and guides:

FedRAMP v5

Usage: regscale fedramp load-fedramp-docx-v5 --file_name './path/to/yourSSP.docx'
A list of parameters available:

  • file_name - a path to the file for the SSP you are creating. # Required
  • appendix_a_file_name - a path to the file for the Appendix A of the SSP you are creating. # Required
  • base_fedramp_profile_id - the name of the RegScale profile id to use.
  • add_missing - True|False Will add controls that are in the security plan but not in the profile. Defaults to False
  • save_data - True|False Will save the data as a json file. Defaults to False