Skip to content

CCCS Medium Cloud Control Profile

The Canadian Centre for Cyber Security (CCCS) Medium Cloud Control Profile provides security control baselines for cloud services used by the Government of Canada. This profile defines medium-level security requirements for protecting cloud-based systems and data classified as Protected B, Medium Integrity, and Medium Availability. It is primarily used by Canadian federal government departments and agencies adopting cloud services.

Terraform Registry Subdomain: cccsmedium

module "..." {
  source  = "cccsmedium.compliance.tf/terraform-aws-modules/<module>/aws"
  version = "<version>"
}

module "..." {
  source = "https://cccsmedium.compliance.tf/terraform-aws-modules/<module>/aws"
}

Refer to the Terraform Registry Endpoints section for more details.

Implemented Controls

The following controls are implemented as part of this framework.

Enable/Disable Controls

You can customize the Terraform module for the desired compliance requirements by enabling/disabling individual controls.

Examples

S3 bucket module with CCCS Medium Cloud Control Profile compliance framework controls enabled, and a couple of controls disabled

module "..." {
  source = "https://cccsmedium.compliance.tf/terraform-aws-modules/s3-bucket/aws?disable=backup_plan_min_retention_35_days,cloudwatch_alarm_action_enabled"
}