CPC H04L 63/1433 (2013.01) [G06F 9/44505 (2013.01); G06F 9/5072 (2013.01)]
20 Claims
1. A system comprising:
one or more computer devices configured to implement a unified cloud configuration evaluation (UCCE) system; and
one or more non-transitory computer-readable storage media storing executable instructions that, when executed by the one or more computer devices cause the one or more computer devices to:
obtain, from a cloud computing infrastructure provider service, live asset configuration data about assets in a cloud environment hosted by the cloud computing infrastructure provider service, the live asset configuration data being in a first format associated with the cloud computing infrastructure provider service;
convert the live asset configuration data from the first format to a second format associated with the UCCE system;
generate a first model of the cloud environment using the live asset configuration data in the second format associated with the UCCE system;
obtain a cloud configuration definition created in a cloud configuration development (CCD) system specifying proposed configuration changes to the cloud environment, the cloud configuration definition being in a third format associated with the CCD system;
convert the cloud configuration definition from the third format associated with the CCD system to the second format associated with the UCCE system;
generate a second model reflecting the proposed configuration changes using the cloud configuration definition in the second format associated with the UCCE system; and
evaluate compliance of the live asset configuration data and the proposed configuration changes using a set of compliance rules by:
evaluating compliance of the live asset configuration data by applying the set of compliance rules to the first model, and
evaluating compliance of the proposed configuration changes by applying the set of compliance rules to the second model.
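The flow recited in claim 1, as an added Python illustration that is not taken from the patent or any product: two source formats are converted into one unified format, and a single rule set is applied to both resulting models. All record layouts, field names, rule names, and the overlay used to build the second model are assumptions constructed for this sketch.

```python
# Added illustration; every format, field name and rule below is an assumption.
LIVE = [  # constructed "first format": provider-style inventory records
    {"ResourceType": "storage.bucket", "Id": "logs",
     "Config": {"PublicAccess": True, "Encryption": "AES256"}},
    {"ResourceType": "storage.bucket", "Id": "data",
     "Config": {"PublicAccess": False, "Encryption": None}},
]
PROPOSED = {  # constructed "third format": CCD-style definition of proposed changes
    "resources": {
        "bucket.logs": {"acl": "private", "sse": "AES256"},
        "bucket.new": {"acl": "public-read"},
    }
}

def from_provider(records):
    """First format -> unified (second) format: {asset_id: {kind, public, encrypted}}."""
    return {r["Id"]: {"kind": r["ResourceType"].split(".")[-1],
                      "public": bool(r["Config"].get("PublicAccess")),
                      "encrypted": bool(r["Config"].get("Encryption"))}
            for r in records}

def from_ccd(definition):
    """Third format -> the same unified format."""
    out = {}
    for addr, body in definition["resources"].items():
        kind, _, name = addr.partition(".")
        out[name] = {"kind": kind,
                     "public": body.get("acl", "private") != "private",
                     "encrypted": bool(body.get("sse"))}
    return out

def second_model(first_model, changes):
    """Assumed construction: the live model with the proposed changes overlaid."""
    return {**first_model, **changes}

RULES = {  # one rule set, written only against the unified format
    "no-public-bucket": lambda a: not (a["kind"] == "bucket" and a["public"]),
    "bucket-encrypted": lambda a: a["kind"] != "bucket" or a["encrypted"],
}

def evaluate(model):
    """Return sorted (asset_id, rule_id) pairs for every failed rule."""
    return sorted((aid, rid) for aid, a in model.items()
                  for rid, ok in RULES.items() if not ok(a))

first = from_provider(LIVE)                        # model of the live environment
second = second_model(first, from_ccd(PROPOSED))   # model with proposed changes
if __name__ == "__main__":
    print("live:", evaluate(first))
    print("proposed:", evaluate(second))
```

Because the rules read only the unified format, the change that fixes `logs` and the new public, unencrypted bucket both show up before deployment, alongside the finding on `data` that already exists in the live environment.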