GRC Store

Search / finos-ccc/ccc.rdms.cp / v2026.06-rc4

Release · v2026.06-rc4

FINOS-CCC/CCC.RDMS.CP Capability Catalog

FINOS-CCC/CCC.RDMS.CP

Capabilities for Relational Database Management System technologies, as defined by the FINOS Common Cloud Controls project.

Published by FINOS Common Cloud Controls

Install

OCI v1.1
$grcli unpack --repository finos-ccc/ccc.rdms.cp --tag v2026.06-rc4
Coordinate
oci.grc.store/finos-ccc/ccc.rdms.cp:v2026.06-rc4
Manifest digest
sha256:074a7633b9c710d02cc251bcb89b50b73ae279f8ec8fe21b4fa0aebdb2ca2438

Provenance

1 layer
Digest Media type Size
65d7ef818aaa… application/vnd.gemara.artifact.v1+yaml 6.3 KiB
Bundle config blob 
{
  "bundle-version": "1.0",
  "gemara-version": "v1.2.0",
  "metadata": {
    "provenance": {
      "buildDefinition": {
        "buildType": "https://grc.store/grcli/buildtype/v0",
        "externalParameters": {
          "artifact": {
            "id": "CCC.RDMS.CP",
            "type": "CapabilityCatalog"
          },
          "target": {
            "registry": "oci.grc.store",
            "repository": "finos-ccc/ccc.rdms.cp",
            "tag": "v2026.06-rc4"
          }
        },
        "internalParameters": {
          "CI": "true",
          "GITHUB_ACTIONS": "true",
          "GITHUB_ACTOR": "eddie-knight",
          "GITHUB_REF": "refs/heads/main",
          "GITHUB_REPOSITORY": "eddie-knight/common-cloud-controls",
          "GITHUB_RUN_ATTEMPT": "1",
          "GITHUB_RUN_ID": "26770748733",
          "GITHUB_SHA": "2b6dab4c1307a0ac67d90c99829f6c1825154c84",
          "GITHUB_WORKFLOW": "Batch Release All Catalogs",
          "RUNNER_OS": "Linux"
        },
        "resolvedDependencies": [
          {
            "name": "artifacts/database/relational/capabilities.yaml",
            "uri": "file://artifacts/database/relational/capabilities.yaml",
            "digest": {
              "sha256": "65d7ef818aaabdf88b55b860d1d2197a23d9b0645b34c404b4574c59a4984103"
            }
          },
          {
            "name": "source",
            "uri": "git+https://github.com/eddie-knight/common-cloud-controls@2b6dab4c1307a0ac67d90c99829f6c1825154c84",
            "digest": {
              "gitCommit": "2b6dab4c1307a0ac67d90c99829f6c1825154c84"
            }
          }
        ]
      },
      "runDetails": {
        "builder": {
          "id": "https://github.com/eddie-knight/common-cloud-controls/actions/runs/26770748733",
          "version": {
            "go": "go1.25.0",
            "go-arch": "amd64",
            "go-os": "linux",
            "grcli": "v0.2.2"
          }
        },
        "metadata": {
          "invocationId": "26770748733-1",
          "startedOn": "2026-06-01T17:28:24.538831459Z",
          "finishedOn": "2026-06-01T17:28:24.792479141Z"
        },
        "byproducts": [
          {
            "name": "capabilities.yaml",
            "digest": {
              "sha256": "65d7ef818aaabdf88b55b860d1d2197a23d9b0645b34c404b4574c59a4984103"
            }
          }
        ]
      }
    }
  },
  "artifacts": [
    {
      "name": "capabilities.yaml",
      "type": "CapabilityCatalog",
      "id": "CCC.RDMS.CP",
      "role": "artifact"
    }
  ]
}

CCC Relational Database Management System Capabilities

Capabilities for Relational Database Management System technologies, as defined by the FINOS Common Cloud Controls project.

ID
CCC.RDMS.CP
Version
v2026.06-rc4
Gemara version
v1.2.0
Author
FINOS Common Cloud Controls

Data Resilience

The Data Resilience group covers entries related to ensuring data availability, integrity, and sovereignty across its lifecycle. This includes replication, backup, recovery, region restrictions, and protection against data loss or corruption.

  1. CCC.RDMS.CP01 SQL Support

    Properly handle queries in the SQL language.

  2. CCC.RDMS.CP02 DB Engine Option - MySQL

    Ability to create a MySQL managed relational database.

  3. CCC.RDMS.CP03 DB Engine Option - PostgreSQL

    Ability to create a PostgreSQL managed relational database.

  4. CCC.RDMS.CP04 DB Engine Option - MariaDB

    Ability to create a MariaDB managed relational database.

  5. CCC.RDMS.CP05 DB Engine Option - SQL Server

    Ability to create a Microsoft SQL Server managed relational database.

  6. CCC.RDMS.CP13 Deletion Protection

    Protect the database against accidental deletion.

  7. CCC.RDMS.CP15 Horizontal Scaling

    Read replicas of the primary database can be created.

  8. CCC.RDMS.CP16 Failover

    Standby database can be implemented for failover when the primary can't be reached.

Access Control

The Access Control group covers entries related to authentication, authorization, and trust perimeter enforcement. This includes multi-factor authentication, least privilege access, network access rules, and prevention of unauthorized access or reconnaissance.

  1. CCC.RDMS.CP06 DB Managed Credentials

    Ability to managed the database credentials using the cloud provider's secret management service.

  2. CCC.RDMS.CP07 DB Self Managed Credentials

    Ability to manage the database credentials by client managed username and passwords.

Networking

The Networking group covers entries related to network infrastructure, connectivity, and traffic management. This includes virtual networks, subnets, load balancing, DNS, routing, peering, and network-level access controls.

  1. CCC.RDMS.CP08 Support for IPv4

    Ability to connect to the database using IPv4 addresses.

  2. CCC.RDMS.CP09 Support for IPv6

    Ability to connect to the database using IPv6 addresses

  3. CCC.RDMS.CP10 Public Access

    Allow database to be accessed by public internet.

  4. CCC.RDMS.CP11 Disable Public Access

    Prevent database been accessed by public internet.

  5. CCC.RDMS.CP12 Managed Connection Pooling

    Ability to configure a managed connection pool for the database.

Compute

The Compute group covers entries related to processing, execution, and runtime infrastructure. This includes CPU, memory, storage allocation, network ports, command-line interfaces, and elastic scaling.

  1. CCC.RDMS.CP14 Dedicated Database Instances

    Option to deploy the database on a dedicated instance for isolation requirements.