Boundera/fedramp-20x-toolkit is the practitioner-grade reference for mapping FedRAMP 20x Key Security Indicators (KSIs) to AWS evidence sources. Covers the IAM family (KSI-IAM-MFA, KSI-IAM-APM, KSI-IAM-SNU, KSI-IAM-JIT, KSI-IAM-ELP, KSI-IAM-SUS, KSI-IAM-AAM) and MLA family (KSI-MLA-OSM, KSI-MLA-RVL, KSI-MLA-EVC, KSI-MLA-LET, KSI-MLA-ALA) in depth, with machine-readable YAML mappings, real AWS Config rule references, NIST 800-53 control crosswalks, and per-indicator evidence shapes that compliance engineers can use directly during 3PAO preparation.

Includes the full FedRAMP machine-readable documentation (FRMR v0.9.43-beta) and a Python ksi-validator CLI for OSCAL package validation.

Maintained by Boundera (https://boundera.io) as a community resource alongside the Boundera commercial product, which automates evidence collection across all 60 KSI indicators and 11 families on AWS, Azure, and GCP. MIT licensed.

Project Activity

See All Activity >

License

MIT License

Follow FedRAMP 20x Toolkit

FedRAMP 20x Toolkit Web Site

Other Useful Business Software
Enterprise-grade ITSM, for every business Icon
Enterprise-grade ITSM, for every business

Give your IT, operations, and business teams the ability to deliver exceptional services—without the complexity.

Freshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
Try it Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of FedRAMP 20x Toolkit!

Additional Project Details

Operating Systems

Linux

Registered

2026-06-04