Policy: AWS > Well-Architected Tool > AWS Well-Architected Framework > Security > SEC 01. How do you securely operate your workload? > Automate testing and validation of security controls in pipelines
Establish secure baselines and templates for security mechanisms that are tested and validated as part of your build, pipelines, and processes. Use tools and automation to test and validate all security controls continuously. For example, scan items such as machine images and infrastructure as code templates for security vulnerabilities, irregularities, and drift from an established baseline at each stage.
See Automate testing and validation of security controls in pipelines for more information.
Resource Types
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Controls
- AWS > Well-Architected Tool > AWS Well-Architected Framework > Security
- AWS > Well-Architected Tool > AWS Well-Architected Framework > Security > SEC 01. How do you securely operate your workload?
Policy Specification
Schema Type | |
|---|---|
Default | |
Valid Values [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/other
- tmod:@turbot/aws-wellarchitected-framework#/policy/types/sec01TestValidatePipeline
- turbot graphql policy-type --id "tmod:@turbot/aws-wellarchitected-framework#/policy/types/sec01TestValidatePipeline"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-wellarchitected-framework#/policy/types/sec01TestValidatePipeline"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI