Custom Frameworks

Learn how to create a custom framework to use when running CoreStack Assesments against your cloud accounts/workloads.

Suggest Edits

Introduction

In the CoreStack application, users can add custom frameworks that are used to perform assessments.

Each framework has multiple questions and associated best practices. While creating a custom framework, best practices are uploaded in bulk. A user can modify or delete a custom framework anytime.

A framework is made up of a set of best practices that are identified through nature, type, classification, etc. If the nature of the best practice is Manual, then a user has to validate manually whether a best practice is implemented correctly or not. If the nature of the best practice is Automated, then it means that policies are mapped to it and the execution of policies provide clarity on the state of best practices.

Every assessment is associated with a workload and a framework and the user can go to the Assessments > Workload Assessments > View Details screen to view all the assessment details.

View existing frameworks

Marketplace frameworks are offered by CoreStack by default, and custom frameworks are user-defined frameworks.

Users can view marketplace frameworks and custom frameworks in two separate tabs on the Frameworks screen. Users can go to the Frameworks tab and view the list of available marketplace frameworks and they can go to Custom Frameworks tab to view the list of user-defined frameworks.

Every framework provides the option to download a copy of it and view related best practice details. Specifically, you can view the list of questions and list of best practices for each question.

Users can click the download icon to download a particular framework. A downloaded framework can be modified and then uploaded as a custom framework.

On a particular framework, you can click Best Practice to view the list of questions and the related best practices.

Create a new framework

Perform the following steps to create a new framework:

  1. Sign in to the CoreStack application.

  2. Click Assessments> Frameworks.

  3. In the Tenant list, click to select a tenant.

  4. Click Custom Frameworks > Create Custom Framework.

  1. In the Name box, type a name for the new framework.

  2. In the Description box, type a description for the framework.

  3. In the Clouds list, click to select the cloud provider and then click Ok.

    Users can select multiple cloud providers from AWS, Azure, and GCP. If the user selects a single cloud, then the framework is related to that particular cloud account. If the user selects multiple cloud providers, then the custom framework is applicable for the selected providers.

  1. In the Logo field, click Upload logo and perform the following:
    • In the dialog box that opens, click Choose image, and then select a logo to upload it. Only .JPEG and .PNG files are the acceptable file formats that can be uploaded and the file size should not exceed 6MB.
    • Click Upload logo.
  1. In the Best Practices section, click Import best practices and perform the following:
    • In the dialog box that opens, click Upload File and then select a file to upload it. The file to be uploaded should be in .CSV format only.
    • Click Import.

📘

Note:

You can download a .CSV file from any of the existing frameworks to modify the best practices and re-use it.

The .CSV file, when uploaded, should contain details for the following fields:

  • Pillar ID
  • Pillar name
  • Question ID
  • Question
  • Question description
  • Best practice ID
  • Best practice
  • Best practice description
  • Risk
  • Recommendation
  • Policies.
  1. Click Save.

After a new framework is saved, it is displayed on the Frameworks > Custom Frameworks screen.

For a custom framework, you can click Best Practice > Edit Framework to modify the framework details and save it or you can click Delete Framework to delete an existing framework. A marketplace framework cannot me modified or deleted.

Updated 6 months ago