Hello Marc,

> As recommended, I ran the script called "create_stig_overlay.py". It created a
> new stig_overlay.xml file. The file is interesting as it provides the link
> between STIG rules and complianceascode rules. Is it correct?

Indeed. Note that the stig_overlay.xml file is also included in the repo for each 
relevant product.

> I noticed the script creates a one-to-one relation between rules in STIG and
> rules in compliance as code.

Indeed. And you are also right with your subsequent observation that ultimately 
there is a many-to-many relationship between STIG rules and SSG rules. In other 
words, a given STIG rule may require multiple SSG rules to be present and a 
given SSG rule may be required by multiple STIG rules to be present.

The overlay file is just an intermediary.

If you want to explore/review STIG to SSG relationships I recommend using the 
**srgmap** files that you can find in your `./build/` directory.

Kind regards,
--
Šimon Lukašík
Member of technical staff
Office of the Chief Technologist
Red Hat Public Sector