Skip to main content

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Share your experience with the FAS IT-Playbook by taking this brief survey

Cloud Ecosystem of Managed Services

Standard Deployment

Standard Deployment capabilities enable application developers to produce secure, performant, and functional code. These include capabilities to support both containerized and non-containerized application architectures.

Description

The security toolchain provides the necessary mechnaism to ensure the secure operation of components in the cloud environment as governed by GSA security policy.

Key Capabilities Include:

  • Anti Virus - Toolkit to able to detect many types of malware, including viruses.
  • Vulnerability Scanning - Identifying packages on the file system with known vulnerabilities and providing recommendations for remediationl.
  • Container Scanning - Identifying packages within container images with known vulnerabilities and providing recommendations for remediationl.
  • Network Firewall - Control network traffic based on a set of rules.

Maturity:

Common Service

FCS believes this capability has reached a level of maturity in FCS where it can be used and deployed in a limited capacity or upon special request from a customer/tenant.

Technology

Additional Documentation

Description

The code management faciliates the proceses associated with source code management (SCM) in support of the development experience and DevOps processes.

Key Capabilities Include:

  • Git - Distributed revision control system
  • Pull Requests - Propose changes for collaboration and review.
  • Webhook - Send notifications to support integrations based on code repository events
  • Orgs - The ability to group repos by organization.

Maturity:

Fully Optimized

FCS believes this capability has reached a level of maturity in FCS where it can be broadly deployed and used by FCS Tenants. Uses and limitations are well understood and costs have been baselined.

Technology

Additional Documentation

Description

The testing tools support the verification and validation of application functionality to functional and non-functional requirements.

Key Capabilities Include:

  • Load Testing - Load testing simulates traffic to stress applications artificially in order to identify performance improvements.

Maturity:

Early Adoption

FCS is exploring the capabilities in this area. Currently only a proof of concept deployment is occuring with a single customer/tenant or with a handful. Use of the capability is still ad hoc and has yet to be baselined or have cost estimates established.

Technology

Additional Documentation

Description

The code quality services support scanning of code in order to provide metrics for improvement.

Key Capabilities Include:

  • Static Code Analysis - Reviews code without running the application for common possible formatting, archtectural, functional, security, or perforrmance defects and provides suggestions as to how to remediate.

Maturity:

Common Service

FCS believes this capability has reached a level of maturity in FCS where it can be used and deployed in a limited capacity or upon special request from a customer/tenant.

Technology

Additional Documentation

Description

The deployment tools facilitate the deployment of applications aligned to the application packaging strategy.

Key Capabilities Include:

  • Continous Integration / Continous Deployment (CI/CD) -
  • GitOps - The implementation of the GitOps principles of including declarative state, Immutable, automated application from source, and continuous reconciliation.

Maturity:

Common Service

FCS believes this capability has reached a level of maturity in FCS where it can be used and deployed in a limited capacity or upon special request from a customer/tenant.

Technology

Additional Documentation