Terminology

This page provides essential terminology and concepts for understanding and using OpenGovernance. Understanding these terms is crucial for effectively utilizing OpenGovernance to manage and govern your cloud resources and policies.

General

Integration

The capability to connect and manage external platforms through Connectors. Integrations facilitate real-time data synchronization and governance across systems, enhancing operational efficiency and compliance.

Connector

A module for integrating external services like AWS, Azure, and EntraID. The platform has more than 50 Connectors that enable seamless management and governance of these platforms. The Community edition includes 3 Connectors (AWS, Azure, and EntraID), allowing you to set up integrations.

Connection

An active integration using a Connector, such as AWS Accounts or Azure Subscriptions, facilitating seamless management and governance.

Assets

An entity like a Cloud Asset or Identity, whose configuration and attributes are discovered and managed. Assets are key to maintaining governance and compliance across your environment. Examples: Kubernetes Objects such as Deployments, AWS EBS Disk, KMS Key, GitHub Deployment.

Analytics

A feature that schedules and executes predefined queries on asset entities, saving sums or counts and tracking historical data trends to enhance governance and compliance. There are more than 500 Analytics, allowing you to track the count of key entities (such as VMs and disks) and the consumption of key services (such as the daily cost of a certain service). Examples:

  • Inventory Analytics: Counts AWS EC2 Instances and S3 Buckets.

  • Spend Analytics: Captures specific expenditures over the last 24 hours.

Audit Compliance

Compliance

A feature that facilitates governance by enabling the definition of policies, specifying their scope, evaluating these policies systematically, and capturing the outcomes to ensure adherence to regulatory and internal standards.

Benchmark

A benchmark is a structured collection of policies organized into sections and subsections. It helps manage and scale policy implementation, facilitates audits, captures compliance evidence, and highlights deviations across platforms like AWS, Azure, and GitHub. Benchmarks can cover multiple platforms and focus on industry standards such as SOC2 or engineering best practices.

Policy

A policy, defined in a YAML file, is the core component of a benchmark. It acts as a rule to audit compliance, operational standards, and best practices, ensuring consistency and adherence to industry standards. Each policy clearly defines "pass" and "fail" criteria, along with a reason. This provides essential evidence for audits and compliance efforts.

Findings

When a Policy is evaluated against a defined entity, the outcome is recorded in a Findings object. Each Finding captures the time, resource, outcome, and also the evidence in JSON.

Event

An Event is a child object of a Finding that lets you track drift events. When a Policy is evaluated against a defined entity and the parent Benchmark is enabled to track Audit Drifts, the state recorded at each evaluation is appended as an event to the Findings object. This lets you track Audit
