| Vendor | FINOS |
| Product | CCC-Complete (Behavioural) |
| Version | 0.1 |
CCC-Complete (Behavioural) 0.1
Test results for this specific product, vendor, and version combination
Download Raw Results
Download the original OCSF, Gemara, or HTML result files used to generate this page
Test Summary
Aggregate summary of all tests for this configuration result
| Resources In Configuration | 1 |
| Count of Tests | 8 |
| Passing Tests | 8 |
| Failing Tests | 0 |
| Catalogs Tested | CCC.SecMgmt |
Control Catalog Summary
Summary of test results grouped by control catalog and resource
| Control Catalog | Resources | Total Tests | Passing | Failing | Tested Requirements | Missing Requirements | Unused Core Requirements |
|---|---|---|---|---|---|---|---|
| CCC.SecMgmt | finos-ccc-integratio... | 8 | 8 | 0 | All covered | None |
Test Mapping Summary
Summary of test mappings showing how event codes map to test requirements
| Control Catalog | Test Requirement | Mapped Tests (Event Code | Total | Passing | Failing) |
|---|---|---|
| CCC.SecMgmt | CCC.SecMgmt.CN01.AR01 Attempt to use an outdated version of a secret after its rotation period has passed and verify that access is denied. | Current secret version is readable220 Stale secret version retrieve is denied220 |
| CCC.SecMgmt | CCC.SecMgmt.CN02.AR01 Attempt to retrieve a secret from an unauthorized region and verify that access is denied. | Authorized region read succeeds220 Unauthorized region read is denied220 |
Resource Summary
Summary of all resources mentioned in OCSF results
| Resource Name | Resource Type | Control Catalogs | Total Tests | Passing | Failing |
|---|---|---|---|---|---|
finos-ccc-integration-secret-main | secrets | CCC.SecMgmt | 8 | 8 | 0 |
Test Results
OCSF test results filtered for entries with CCC compliance mappings
| Status | Finding | Resource Name | Resource Type | Message | Test Requirements |
|---|---|---|---|---|---|
| PASS | Current secret version is readable ✓ a cloud api for "{config}" in "api"
✓ I call "{api}" with "GetServiceAPI" using argument "secrets"
✓ I refer to "{result}" as "svc"
✓ I call "{svc}" with "RetrieveSecretVersion" using arguments "{uid}" and "latest"
✓ "{result}" is not an error
✓ I refer to "{result}" as "currentSecret"
✓ I attach "{currentSecret}" to the test output as "Current Secret Version"
✓ "{currentSecret.Denied}" is "false" | finos-ccc-integration-secret-main | secrets | Current secret version is readable | |
| PASS | Stale secret version retrieve is denied ✓ a cloud api for "{config}" in "api"
✓ I call "{api}" with "GetServiceAPI" using argument "secrets"
✓ I refer to "{result}" as "svc"
✓ I call "{svc}" with "RetrieveSecretVersion" using arguments "{uid}" and "{stale-version-id}"
✓ "{result}" is an error | finos-ccc-integration-secret-main | secrets | Stale secret version retrieve is denied | |
| PASS | Authorized region read succeeds ✓ a cloud api for "{config}" in "api"
✓ I call "{api}" with "GetServiceAPI" using argument "secrets"
✓ I refer to "{result}" as "svc"
✓ I call "{svc}" with "RetrieveSecretInRegion" using arguments "{uid}" and "{authorized-region}"
✓ "{result}" is not an error
✓ I refer to "{result}" as "authorizedRead"
✓ I attach "{authorizedRead}" to the test output as "Authorized Region Read"
✓ "{authorizedRead.Denied}" is "false" | finos-ccc-integration-secret-main | secrets | Authorized region read succeeds | |
| PASS | Unauthorized region read is denied ✓ a cloud api for "{config}" in "api"
✓ I call "{api}" with "GetServiceAPI" using argument "secrets"
✓ I refer to "{result}" as "svc"
✓ I call "{svc}" with "RetrieveSecretInRegion" using arguments "{uid}" and "{unauthorized-region}"
✓ "{result}" is an error | finos-ccc-integration-secret-main | secrets | Unauthorized region read is denied | |
| PASS | Current secret version is readable ✓ a cloud api for "{config}" in "api"
✓ I call "{api}" with "GetServiceAPI" using argument "secrets"
✓ I refer to "{result}" as "svc"
✓ I call "{svc}" with "RetrieveSecretVersion" using arguments "{uid}" and "latest"
✓ "{result}" is not an error
✓ I refer to "{result}" as "currentSecret"
✓ I attach "{currentSecret}" to the test output as "Current Secret Version"
✓ "{currentSecret.Denied}" is "false" | finos-ccc-integration-secret-main | secrets | Current secret version is readable | |
| PASS | Stale secret version retrieve is denied ✓ a cloud api for "{config}" in "api"
✓ I call "{api}" with "GetServiceAPI" using argument "secrets"
✓ I refer to "{result}" as "svc"
✓ I call "{svc}" with "RetrieveSecretVersion" using arguments "{uid}" and "{stale-version-id}"
✓ "{result}" is an error | finos-ccc-integration-secret-main | secrets | Stale secret version retrieve is denied | |
| PASS | Authorized region read succeeds ✓ a cloud api for "{config}" in "api"
✓ I call "{api}" with "GetServiceAPI" using argument "secrets"
✓ I refer to "{result}" as "svc"
✓ I call "{svc}" with "RetrieveSecretInRegion" using arguments "{uid}" and "{authorized-region}"
✓ "{result}" is not an error
✓ I refer to "{result}" as "authorizedRead"
✓ I attach "{authorizedRead}" to the test output as "Authorized Region Read"
✓ "{authorizedRead.Denied}" is "false" | finos-ccc-integration-secret-main | secrets | Authorized region read succeeds | |
| PASS | Unauthorized region read is denied ✓ a cloud api for "{config}" in "api"
✓ I call "{api}" with "GetServiceAPI" using argument "secrets"
✓ I refer to "{result}" as "svc"
✓ I call "{svc}" with "RetrieveSecretInRegion" using arguments "{uid}" and "{unauthorized-region}"
✓ "{result}" is an error | finos-ccc-integration-secret-main | secrets | Unauthorized region read is denied |