UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Commit e52281ee authored by Branden Cobb's avatar Branden Cobb Committed by Ryan Garcia
Browse files

License Updates

parent 9f7ba5d0
No related branches found
No related tags found
1 merge request!2178License Updates
Hide whitespace changes
Inline Side-by-side
docs/understanding-bigbang/licensing-model.md
+ 3
1
View file @ e52281ee
......@@ -46,7 +46,7 @@ Licensing of products deployable by BigBang are not covered by the BigBang team.
| Kyverno | Policy Enforcement (Core App) | Apache License 2.0 (Free/OSS) | * Kyverno is a fully open-source product, however there are [multiple companies](https://kyverno.io/support/) which provide paid support services for it. |
| Istio Controlplane, Istio Operator, and Kiali | Service Mesh, Operator, and Service Mesh Dashboard (Core App) | Apache License 2.0 (Free/OSS) | * [Tetrate](https://www.tetrate.io/) is an Istio Vendor that can offer commercial support. |
| Jaeger | APM (Application Performance Monitoring) / Tracing (Core App) | Apache License 2.0 (Free/OSS) | |
| Prometheus Operator Stack (Prometheus, Grafana, AlertManager, etc.) | Metrics, Metrics Dashboard, and Alerts (Core App) | Apache License 2.0 [Future versions will move to GNU Affero GPL v3](https://grafana.com/blog/2021/04/20/grafana-loki-tempo-relicensing-to-agplv3/) (Free/OSS) | |
| Prometheus Operator Stack (Prometheus, Grafana, AlertManager, Loki, etc.) | Metrics, Metrics Dashboard, and Alerts (Core App) | GNU Affero General Public License v3.0 | |
| Fluentbit | Log Shipper (Core App) | Apache License 2.0 (Free/OSS) | |
| ECK (Elastic Cloud on Kubernetes) (ElasticSearch and Kibana) | Log Storage and Log Dashboard (Core App) | [Elastic License](https://github.com/elastic/cloud-on-k8s/blob/master/LICENSE.txt) (Freemium) | **Enterprise features of note:** Kibana SSO, authn, authz, FIPS 140-2 mode, audit logging require an enterprise tier license. **Free tier notes:** BigBang's Authservice/Authentication Proxy could be put in front of Kibana to achieve basic SSO with all or nothing access. PartyBus uses licensed ElasticSearch <https://www.elastic.co/subscriptions> [licensing](package-architecture/elasticsearch-kibana.md#licensing) |
| Cluster Auditor | Collects OPA GK events and sends them to ElasticSearch for Review (Core App) | Apache License 2.0 (Free/OSS) | |
......@@ -61,3 +61,5 @@ Licensing of products deployable by BigBang are not covered by the BigBang team.
| Gitlab, Gitlab Runners | GitRepo, Container Registry, and CICD Software Factory (AddOn App) | Gitlab Community Edition: MIT Expat license Gitlab Enterprise Edition: (multiple tiers) | **Premium features of note:** Release Controls, Project Management **Ultimate features of note:** Unlimited Guest Users, Advanced Security Testing (Note this functionality comes from container images that may not yet be in IronBank) **Free tier notes:** Free tier is fine for Proof of Concepts, but the Release Controls in Premium tier contain security controls that would be necessary for a cATO pipeline. PartyBus has multiple instances of Gitlab, most use Premium, a few use Ultimate. PartyBus's Gitlab pipelines integrate with additional licensed apps: Twistlock, Anchore, [Fortify](https://repo1.dso.mil/platform-one/big-bang/apps/third-party/fortify), [SD Elements](https://www.securitycompass.com/sdelements/), and others. (This is offered as a data point, it doesn't mean these are required for a cATO pipeline, the Consumer of BigBang's AO makes that call.) <https://about.gitlab.com/pricing/#self-managed> <https://gitlab.com/gitlab-org/gitlab-foss/-/tree/master#editions> |
| SonarQube Community Edition | Static Code Analysis (AddOn App) | SonarQube CE: GNU Lesser GPL License v3 (Community Edition is Free/OSS) | An Enterprise Edition Exists, but is not bundled by BigBang |
| Anchore Enterprise Edition* | Vulnerability Scanner (AddOn App) | Anchore Enterprise Edition (Paid/Licensed) Anchore OpenSource Edition Apache License 2.0 (Free/OSS) | **Licensed features of note:** Proprietary Vulnerability Data Feeds for increased accuracy, NIST 800-190, Docker CIS Compliance, DoD container Policy Compliance, cATO Capable, RBAC, SSO **Free tier notes:** BigBang's values file can be set to deploy the OSS version for Proof of Concept deployments. PartyBus and other Platform One services use the licensed version <https://docs.anchore.com/3.0/docs/faq/#2> <https://anchore.com/pricing/> [licensing](package-architecture/anchore.md#licensing) <https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/anchore-enterprise/-/blob/main/docs/CHART.md#adding-enterprise-components> |
| Vault | Secret management (AddOn App) | Mozilla Public License 2.0 | |
| Metrics Server | Scalable, efficient source of container resource metrics. (AddOn App) | Apache License 2.0 | |
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED - NO CUI