
Cloud Native Architecture

Defining Functionality and Privileges

KSI-CNA-DFP

Changelog:

  • 2026-06-24: Official launch of the FedRAMP Consolidated Rules for 2026.

The functionality and privileges for infrastructure and services are strictly defined.

Related SP 800-53 Controls: CM-02, SI-03

Enforcing Intended State

KSI-CNA-EIS

Changelog:

  • 2026-06-24: Official launch of the FedRAMP Consolidated Rules for 2026.

Optional: Automated services are used to persistently assess the security of all machine-based information resources and automatically enforce their intended operational state.

Automated services are used to persistently assess the security of all machine-based information resources and automatically enforce their intended operational state.

Related SP 800-53 Controls: CA-02 (01), CA-07 (01)


Terms: Information Resource, Machine-Based (Information Resources), Persistently

Implementing Best Practices

KSI-CNA-IBP

Changelog:

  • 2026-06-24: Official launch of the FedRAMP Consolidated Rules for 2026.

The use and configuration of third-party machine-based information resources is persistently compared against the original provider's best practices and guidance.

Related SP 800-53 Controls: AC-17 (03), CM-02, PL-10


Terms: Information Resource, Machine-Based (Information Resources), Persistently

Minimizing Attack Surface

KSI-CNA-MAT

Changelog:

  • 2026-06-24: Official launch of the FedRAMP Consolidated Rules for 2026.

Machine-based information resources are persistently reviewed to ensure they have a minimal attack surface and that lateral movement is minimized if compromised.

Related SP 800-53 Controls: AC-17 (03), AC-18 (01), AC-18 (03), AC-20 (01), CA-09, SC-07 (03), SC-07 (04), SC-07 (05), SC-07 (08), SC-08, SC-10, SI-10, SI-11, SI-16


Terms: Information Resource, Machine-Based (Information Resources), Persistently

Optimizing for Availability

KSI-CNA-OFA

Changelog:

  • 2026-06-24: Official launch of the FedRAMP Consolidated Rules for 2026.

Machine-based information resources are persistently reviewed to ensure they are appropriately optimized for high availability and rapid recovery.


Terms: Information Resource, Machine-Based (Information Resources), Persistently

Restricting Network Traffic

KSI-CNA-RNT

Changelog:

  • 2026-06-24: Official launch of the FedRAMP Consolidated Rules for 2026.

Machine-based information resources are persistently reviewed to ensure they are appropriately configured to limit inbound and outbound network traffic.

Related SP 800-53 Controls: AC-17 (03), CA-09, CM-07 (01), SC-07 (05), SI-08


Terms: Information Resource, Machine-Based (Information Resources), Persistently

Reviewing Protections

KSI-CNA-RVP

Changelog:

  • 2026-06-24: Official launch of the FedRAMP Consolidated Rules for 2026.

The effectiveness of protection against denial of service attacks and other unwanted activity for machine-based information resources is persistently reviewed.

Related SP 800-53 Controls: SC-05, SI-08, SI-08 (02)


Terms: Information Resource, Machine-Based (Information Resources), Persistently

Using Logical Networking

KSI-CNA-ULN

Changelog:

  • 2026-06-24: Official launch of the FedRAMP Consolidated Rules for 2026.

Logical networking and related capabilities are used and persistently reviewed to enforce traffic flow controls.

Related SP 800-53 Controls: AC-12, AC-17 (03), CA-09, SC-04, SC-07, SC-07 (07), SC-08, SC-10


Terms: Persistently
