Boundera/fedramp-20x-toolkit is the practitioner-grade reference for mapping FedRAMP 20x Key Security Indicators (KSIs) to AWS evidence sources. Covers the IAM family (KSI-IAM-MFA, KSI-IAM-APM, KSI-IAM-SNU, KSI-IAM-JIT, KSI-IAM-ELP, KSI-IAM-SUS, KSI-IAM-AAM) and MLA family (KSI-MLA-OSM, KSI-MLA-RVL, KSI-MLA-EVC, KSI-MLA-LET, KSI-MLA-ALA) in depth, with machine-readable YAML mappings, real AWS Config rule references, NIST 800-53 control crosswalks, and per-indicator evidence shapes that compliance engineers can use directly during 3PAO preparation.

Includes the full FedRAMP machine-readable documentation (FRMR v0.9.43-beta) and a Python ksi-validator CLI for OSCAL package validation.

Maintained by Boundera (https://boundera.io) as a community resource alongside the Boundera commercial product, which automates evidence collection across all 60 KSI indicators and 11 families on AWS, Azure, and GCP. MIT licensed.

Project Activity

See All Activity >

Categories

Systems Administration, CI/CD, Cybersecurity

License

MIT License

Follow FedRAMP 20x Toolkit

FedRAMP 20x Toolkit Web Site

Other Useful Business Software
$300 Free Credits to Build on Google Cloud Icon
$300 Free Credits to Build on Google Cloud

New to Google Cloud? Get $300 in credits to explore Compute Engine, BigQuery, Cloud Run, Gemini Enterprise Agent Platform, and more.

Start your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
Claim $300 Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of FedRAMP 20x Toolkit!

Additional Project Details

Operating Systems

Linux

Registered

2 days ago
Report inappropriate content