FedRAMP (BETA)

RegScale FedRAMP CLI

The FedRAMP (Federal Risk and Authorization Management Program) CLI command is used to bulk-process and load OSCAL formatted JSON files into RegScale. It serves the following purposes:

• Performs bulk loading of data via the command line
• Allows for scripting the loading of many files in batch
• Avoids the need to custom code FedRAMP file loading into RegScale via APIs
  The current CLI supports bulk uploading of:
• SSP
  Future iterations will support loading Security Assessment Plan (SAP) and Security Assessment Report (SAR) from FedRAMP OSCAL templates.
  NOTE - all importers only support OSCAL JSON files. XML and YAML are not supported.

Supported CLI Commands

The following commands are supported via this CLI:

Load an OSCAL formatted SSP

Usage: regscale fedramp load-fedramp-oscal --file_name ./very_important_fedramp_ssp.json
A list of parameters available:

• file_name - a path to the file for the SSP you are creating. # Required
• submission_date - a submission date for the SSP, defaulted to today. [YYYY-MM-DD] format
• expiration_date - an expiration date for the SSP, defaulted to 3 years from now. [YYYY-MM-DD] format

Load a MS Word formatted SSP

Usage: regscale fedramp load-fedramp-docx --file_name './path/to/yourSSP.docx'
A list of parameters available:

• file_name - a path to the file for the SSP you are creating. # Required
• base_fedramp_profile - the name of the RegScale profile to use. Defaults to FedRAMP - High

Example FedRAMP Documents

The FedRAMP Program Management Office (PMO) maintains a github repository with a wealth of OSCAL templates, document templates, and guides:

• FedRAMP OSCAL Content
• FedRAMP Documents and Templates