HomeGuidesAPI ReferenceChangelog
Log In
Guides

FedRAMP

Suggest Edits

RegScale FedRAMP CLI

The FedRAMP (Federal Risk and Authorization Management Program) CLI command is used to bulk-process and load OSCAL formatted JSON files into RegScale. It serves the following purposes:

  • Performs bulk loading of data via the command line
  • Allows for scripting the loading of many files in batch
  • Avoids the need to custom code FedRAMP file loading into RegScale via APIs

FedRAMP rev4 Commands

Load an MS Word Formatted Security Plan

Usage: regscale fedramp load-fedramp-docx --file_name './path/to/yourSSP.docx'
A list of parameters available:

  • file_name - a path to the file for the SSP you are creating. # Required
  • base_fedramp_profile - the name of the RegScale profile to use. Defaults to FedRAMP - High
  • add_missing - True|False Will add controls that are in the security plan but not in the profile. Defaults to False
  • save_data - True|False Will save the data as a json file. Defaults to False

FedRAMP rev5 Commands

Load an OSCAL (XML) formatted Security Plan

Usage: regscale fedramp import-fedramp-ssp-xml --file_path ./very_important_fedramp_ssp.xml --catalogue_id 5

NOTE: This command works for both rev4 and rev5 versions of OSCAL system security plans.

A list of parameters available:

  • file_path - a path to the file for the OSCAL SSP you are creating. # Required
  • catalogue_id - the id of the RegScale catalog corresponding to the Security Plan to be imported

Load an MS Word Formatted SSP and Appendix A

Import a rev 5 FedRAMP Security Plan and associated Appendix A (control implementations)

Usage: regscale fedramp load-fedramp-docx-v5 --file_name './path/to/yourSSP.docx'
A list of parameters available:

  • file_name - a path to the file for the SSP you are creating. # Required
  • appendix_a_file_name - a path to the file for the Appendix A of the SSP you are creating. # Required
  • base_fedramp_profile_id - the name of the RegScale profile id to use.
  • add_missing - True|False Will add controls that are in the security plan but not in the profile. Defaults to False
  • save_data - True|False Will save the data as a json file. Defaults to False

Load an MS Word Formatted Appendix A

Import a rev 5 FedRAMP Appendix A (control implementations) into an existing RegScale Security Plan record

Usage: regscale fedramp load-fedramp-appendix-a --appendix_a_file_name './path/to/yourAppendixA.docx'
A list of parameters available:

  • appendix_a_file_name - a path to the file for the Appendix A of the SSP you are creating. # Required
  • base_fedramp_profile_id - the name of the RegScale profile id to use.
  • add_missing - True|False Will add controls that are in the security plan but not in the profile. Defaults to False
  • regscale_id - id of the RegScale security plan to which to associate the Appendix A information # Required

Load an MS Excel Formatted CIS/CRM

Usage: regscale fedramp import-cis-crm --file_path './path/to/yourCISCRM.xlsx'

A list of all parameters available:

  • file_path - path to the file for the cis\crm #Required
  • crm_sheet_name- name of the sheet within the excel workbook containing the crm information #Required
  • cis_sheet_name- name of the sheet within the excel workbook containing the cis information #Required
  • regscale_ssp_id - id of the RegScale security plan to which to associate the cis/crm information #Required
  • leveraged_auth_id - id of existing leveraged authorization to which to associate the cis/crm information

Load an MS Excel Formatted POA&M

Usage: regscale fedramp import-poam --file_path './path/to/yourPOA&M.xlsx'

A list of all parameters available:

  • file_path - path to the file for the POA&M #Required
  • regscale_id - id of the securityplan to which to import the POA&M information #Required
  • regscale_module - use "securityplans" #Required

Load an MS Excel Formatted Deviation Request Form

Usage regscale fedramp import-drf --file_path './path/to/yourDRF.xlsx'

A list of all parameters available:

  • file_path - path to the file for the Deviation Request Form file #Required
  • regscale_id - id of the securityplan to which to import the POA&M information #Required
  • regscale_module - use "securityplans" #Required

Load an MS Excel Formatted Inventory

Usage: `regscale fedramp import_fedramp_inventory --path './path/to/yourPOA&M.xlxs'

A list of all parameters available:

  • path - path to the file for the Integrated Inventory file #Required
  • sheet_name - name of the sheet within the excel workbook containing the FedRAMP inventory # Required
  • regscale_id - id of the securityplan to which to import the POA&M information #Required
  • regscale_module - use "securityplans" #Required

Example FedRAMP Documents

The FedRAMP Program Management Office (PMO) maintains a github repository with a wealth of OSCAL templates, document templates, and guides:

Updated 21 days ago