FedRAMP 20x GitOps Demo

Table of Contents

What It Does
#

GitOps setup that maps to FedRAMP 20x KSIs. Based on Andrew Martin’s talk at BSides Orlando 2025 - “Declarative by Default, Secure by Design.” Flux for reconciliation, Kyverno for policy enforcement, GKE + Terraform for infra.

ethanolivertroy/gitops-demo

HCL

Stack
#

Flux CD
Kyverno
GKE
Terraform
Cosign

Demos
#

Policy blocks non-compliant stuff
Drift gets auto-fixed
Unsigned images get rejected

GCP FedRAMP Quickstart

26 March 2025·Updated: 11 December 2025·1 min

Compliance Tools Cloud Security FedRAMP GCP Terraform GKE IaC Kubernetes

Terraform modules for FedRAMP Moderate workloads on GCP.

⚡ Prowler

1 January 2024·Updated: 25 November 2025·2 mins

Security Tools Open Source AWS Azure GCP Kubernetes M365 Multi-Cloud FedRAMP NIST PCI-DSS GDPR HIPAA SOC2 Python Open-Source

Open-source cloud security platform for AWS, Azure, GCP, Kubernetes, and M365 - performs security assessments, compliance audits, and continuous monitoring with 900+ built-in checks across 38+ frameworks