From 0288b1e814736b6d4f95a88df70f377fa6f8fd29 Mon Sep 17 00:00:00 2001 From: Cole Isaac Date: Wed, 8 Jun 2022 13:13:15 -0400 Subject: [PATCH 1/8] #680 clarify docker start in new project --- docs/fides/docs/quickstart/docker.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/fides/docs/quickstart/docker.md b/docs/fides/docs/quickstart/docker.md index 51496f78bde..90b40810c05 100644 --- a/docs/fides/docs/quickstart/docker.md +++ b/docs/fides/docs/quickstart/docker.md @@ -8,7 +8,7 @@ Docker and Docker-Compose are the only requirements here. 1. Install `docker` locally (see [Docker Desktop](https://www.docker.com/products/docker-desktop) or your preferred installation). The minimum verified Docker version is `20.10.8` 1. If your `docker` installation did not include `docker-compose`, make sure to get at least version `1.29.0`. Installation instructions can be found [here](https://docs.docker.com/compose/install/). -1. Create a `.fides` folder in the root directory of your project (or in the same directory as your docker compose file). +2. In a new project folder (or in the root directory of your current project), create a `.fides` folder. ## Docker Setup From 47d5e74b005f0b0d057bfc266e61a09c2cdb5de6 Mon Sep 17 00:00:00 2001 From: Cole Isaac Date: Wed, 8 Jun 2022 16:21:16 -0400 Subject: [PATCH 2/8] [#431] update readme to use datamap --- .fides/fidesctl.toml | 1 + README.md | 64 +++--------------- .../2022-06-08-T201756_datamap.xlsx | Bin 0 -> 51679 bytes docs/fides/docs/guides/generating_datamap.md | 4 +- 4 files changed, 14 insertions(+), 55 deletions(-) create mode 100644 demo_resources/2022-06-08-T201756_datamap.xlsx diff --git a/.fides/fidesctl.toml b/.fides/fidesctl.toml index 4bba2a13dd1..27797c0fcf7 100644 --- a/.fides/fidesctl.toml +++ b/.fides/fidesctl.toml @@ -9,6 +9,7 @@ test_database_name = "fidesctl_test" [cli] server_host = "localhost" server_port = 8080 +analytics_id = "d615f75e813f4b34ac29a26877f0824b" [user] analytics_opt_out = false diff --git a/README.md b/README.md index 88d424a5d66..117eadf160a 100644 --- a/README.md +++ b/README.md @@ -25,25 +25,16 @@ Fides (*fee-dhez*, Latin: Fidēs) is an open-source tool that allows you to easi ### System Requirements 1. [Docker](https://www.docker.com/products/docker-desktop) (20.10.8+) and [Docker Compose](https://docs.docker.com/compose/install/) (1.29.0+) 2. [Python](https://www.python.org/downloads/) (3.8+) +3. [Nox](https://nox.thea.codes/en/stable/) (`pip install nox`) ### Getting Started -1. Ensure `nox` is installed locally. -
- Run pip install nox - - Fidesctl uses [nox](https://nox.thea.codes/en/stable/) for build and development tasks. If `nox` is already installed, you may skip this step. - -
- -2. Ensure `docker` is installed locally, and clone the Fides repo. +1. Ensure `nox` and `docker` and installed locally, and clone the Fides repo. - Then, from the fides directory, run the following commands: + Then, from the root fides directory, run the following commands:
- - This will spin up the entire project and open a shell within the `fidesctl` container. Once you see the `fidesctl#` prompt (takes ~3 minutes the first time), you know you're ready to go: - Run nox -s cli + This will spin up the entire project and open a shell within the `fidesctl` container. Once you see the `fidesctl#` prompt (takes ~3 minutes the first time), you know you're ready to go: ```bash ~/git/fides% nox -s cli @@ -59,12 +50,11 @@ Fides (*fee-dhez*, Latin: Fidēs) is an open-source tool that allows you to easi ```
+ Run fidesctl init
This builds the required images, spins up the database, and runs the initialization scripts. - Run fidesctl init - ``` Initializing Fidesctl... ---------- @@ -83,52 +73,20 @@ Fides (*fee-dhez*, Latin: Fidēs) is an open-source tool that allows you to easi
-3. Use the evaluate command to see if this project's demo analytics and demo marketing systems are compliant with your privacy policy as code: +2. Use the export datamap command to generate a [data map](/docs/fides/docs/guides/generating_datamap.md) of the provided [demo resources](demo_resources/):
- Run fidesctl evaluate demo_resources/ + run fidesctl apply demo_resources/ + run fidesctl export datamap --output-dir demo_resources/ ```bash - root@fa175a43c077:/fides/fidesctl# fidesctl evaluate demo_resources - Loading resource manifests from: demo_resources - Taxonomy successfully created. - ---------- - Processing registry resources... - CREATED 1 registry resources. - UPDATED 0 registry resources. - SKIPPED 0 registry resources. - ---------- - Processing dataset resources... - CREATED 1 dataset resources. - UPDATED 0 dataset resources. - SKIPPED 0 dataset resources. - ---------- - Processing policy resources... - CREATED 1 policy resources. - UPDATED 0 policy resources. - SKIPPED 0 policy resources. - ---------- - Processing system resources... - CREATED 2 system resources. - UPDATED 0 system resources. - SKIPPED 0 system resources. - ---------- - Loading resource manifests from: demo_resources - Taxonomy successfully created. - Evaluating the following policies: - demo_privacy_policy - ---------- - Checking for missing resources... - Executing evaluations... - Sending the evaluation results to the server... - Evaluation passed! + ``` -
Congratulations, you've successfully run your first fidesctl `evaluate` command! -4. Now, take a closer look at `demo_resources/demo_policy.yml` which describes an organization's privacy policy as code. This policy just includes one rule: fail if any system uses contact information for marketing purposes. +3. Now, take a closer look at `demo_resources/demo_policy.yml` which describes an organization's privacy policy as code. This policy just includes one rule: fail if any system uses contact information for marketing purposes.
Run cat demo_resources/demo_policy.yml @@ -159,7 +117,7 @@ Fides (*fee-dhez*, Latin: Fidēs) is an open-source tool that allows you to easi
-5. Lastly, we're going to modify our annotations in a way that would fail the policy we just looked at: +4. Lastly, we're going to modify our annotations in a way that would fail the policy we just looked at:
Edit `demo_resources/demo_system.yml` and uncomment the line that adds `user.provided.identifiable.contact` to the list of `data_categories` for the `demo_marketing_system`. diff --git a/demo_resources/2022-06-08-T201756_datamap.xlsx b/demo_resources/2022-06-08-T201756_datamap.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..ea06e103b951f3c602aa95ad166ae69c4eb0894e GIT binary patch literal 51679 zcmeHw3pkWp+rLC5X(*+XLr1BcPnE+&q#P?s2TX}HIZUCPO_8JnLfa{($OvUhN{*9M zDoG3`#E{UKoEn2MX6FBxN{9XK>wDJ!db_^&doO!ma&7yW)p~xvd)@24f9t-N9j4O- z#QFI6X7TB!zObIDZ|-mg`mcM?mnih*h&jB&19RL{>Co}xiau_x<`KHW{3@b`+*c<` z^7YFM95%n*bvGB`zeFj@aZ9d2Q0d09NOx(>qOFwK&TBtp&Q&;P9oexw8o{?f;=)4< zyA1cGaYxe+`|@dbUwLz>dfWDc*>%#lgwhkb%sF!-w&FbIO5gFZ=<2z5+)1uHeVL#L z*TbzfvreObHRCUth5>D~{f=Lz>u_VNhXzfvavC3>*w52FjPY=qm~Z-(GK+HMIp7Q$i1`^i$mYIL)=~z0^Uc{d)OsjxEcb zvNYGIM0F|N8eEQ*Oq48LK%;*q@Fy50$}&HqW9*{Ioh|I)WmZ>jW!c{LI8k)x?0WK- zBW%6GpdnOfj@l__?xEsY)*?iXc_9C<$T+2)IkaXvAK#t1e0=jEWPDteypB4#Ieq<8 zWdfTjn`Za-vZCx@&h!r@W#kh1qMf-(yJhz8?s?dwc5g7f>>a-*np3*S-z~s2^~ee* z6n}?Wn3~$-sLE{OVnM{&i|WoUM^Sr4MHhZN^y-7gIKz|cJMBzVd}w^vrQ7ZE#RiVi zsq+Yq2CDqA+Vj^Hp9_zDHhY=a8nuNIzWVWF3p;hncbWTMGKi2_;I{S3;eBec?XhJ| zIO20;WU9Jsk@C%SU9kSU-#kSdV zA*VI_-i%w4a|iP76*N?K`eY{WTuguFUneQjKjT%Q+Q6+h*J$e!`6OHxWzx(T>R&eF^AnR1b_R(2=pRRBpuieRcuQ-1Z-axZ)j+MJ>pXS99T9)30 z6-qkn(>IKQX%P5ObWSsBU*i1YE^qI^@~d3r%dE#9wUv5dfTkNe@p8)NDN4r_ht-|twwj&Xa$viW5$ zbLNkQr4M;X#z*C%q(VMEN!{6ei@q)_Z;XeF=TRpoFHa@jH{R;XYiT^Slze7&k4^iR z-MEuk3TM<@3IZae=sJkNPNSHpDovxTZLbs=B=6wZ&=-cMgSh34qL_dYPWgxu zGMO{hZb=CkZ!c$5l5sNwxx-0elpxknQa`HHcO;v_>7pO*4THY1BXO;zzTPcCJ_Cal z{X{IYJ%fTG26FSUtonT77;8E^3CU)Xx@VR$doe*i%nVxl7-^^+{g_IijH_1Dw4kS1 zqh0KxnKC&xJQP)$%r7y zARks&UbzI(Z-B~1bTYhg!L)n~2CpOaq|yf0I?gE64QwH@dm{UhfqqYF;p}ecFCH5!ibIyNy;$$+J5b1=p~?<6iMh&rRb-Go*mdz8tQ8Sm}hp28Vxtfvr%`{z@1I&rNjDdcie*9fLHSgW+^!moJzGbU<@*LR64MoIuw(XGeTAa}cdpML3f5Pi zy}E4uUIE&)0MA!tN{4(#O&3Wop977}9CY5ch2CzdL@8k+m5@ry8I}D6nc{$vv9fHd ztroNjY9eRoOI35^Ono8ZYt}$}P*_c?sMV|?ll;wK%xRlze3!@ACO&(-?zM+WFU$#c@>h*={!F%2c z`IX5o5{x;xaD6a??~P)lG0|2!^0;r?U|VH}$(tgQ;0bY#QkuO_XrQu3_~pI_m7{%j zt+u-}F7}j-c4lpgmn|T>lZw3k3v;E1^5Yt6v|^159RxzJi(3cpe>-cxzT79lkb~l8 z!TavcYM8#E$U&Ox@l5CWf{==k3h%B@oiuXBgW&<~=N;N5+R&J~&&^M2%DE%r&7W8}#eq1pQKw*($s7t0H_ zcq=@kY)!nt{exn+XC6P*qRZ?o^be-Zjht!OXGW%GbZB8Ba|-3WkI?FskaNblT4Jp7 z>=6nsD0-Yq&Ok;g=Ch=>1dON@bK2SD&pHK^H_*Fr+CR4rxJ0b*PhDraW0r~js#}7W zuP^WlwpX6DwQOa);KhTwr|++$QI%{OtZeuB==k_K-whh2v%JH!&RF)(Y2f-Z+Fr)U zVY!r;v}|e+>oPZ+W!{%h86p-^K4&T}{bx3=ITLL+R4YI07d#^?ZWz2bYSu3O)h`79 z30>hPIx2X0ywb-0kU}`6xRf*6)>-7;k1Tl_d7sEteO7MFm5)Z2AAZd)Lf~49{ruT& zHTfAhTT}^mV62SQ@7@~ecd}3mOYgHp1bNdRGLtMZISA~z8v7Oc>$eGH%Fh4z)wJ1a zI!w!Zr2~HXGLX~g%*ILA^;;5H?H8Ml;gYXQ%n9D9O!cjjNFj3qUw`(h9_=B8Py)w& zX4j5nEP0idQTR!@A*6gm(JA|JkKW=@k6xVudXsP9rou=vE<*7dL6SR|5sAx*>zw>xIM4I8lW5YC=c!Se1Wa;XEopRq^B5M)B@_`r;5ZxqdTLk>M|Cax9h zE03}NNGxFvbrW&9)2TO4~cV$=I>M&MC158`J+AmM843lvd&Ws~>3ehAKcXZfvfk)vZz0$JS`cU~8 znm1X-J%z-mu#ssE2x`Sy)-$q^L~W^0&DG@QVc%=gV?OMj3Is-vJ=Dgc#mQiG*aLxs zYkEvAKeMTs*X&CQk1aF;n4-GrHY^F^e{~ePYxsR66N)Y``jXl zroktdYOuu{11bI^J#_D+IAo9?)^n6#IT*y~>N+gLrL*F&8%u1t9!-_m`N&ev(sPJ@ zqV}`iZ2NNRlhz8-cIGIj0)aZkWr`;&F(gKmQSZv1CH+NWvPNVm*A`ZA`#<${5_MSA z`my<~0w|*DK?!dUy^%)qy88TlT;}NT8*jBINh8e}kyicBG(I9~f7m1-+o zMA(;(1t5;^cWkxqSXfY~++G#-QI7+~2DaESx+THBwHU*$LZE^^kKvHTNCgRGpy!Ys zqqebx=4nt>Vqxx2*x6FDl`$fzVJpetRPGudtUz-5N&G`?<#8B&45rkrSa0l{Cm}7K zqrE4C=^BkpnZae`+Yp&ugl0jugFq>_UHny=cLtV}Ep*%c#r@KO6(0h1j^Fp8=+cv+ zA8x_wtm-EdEG?-7G65SnMx_sJdFG9Aci(P-;4rGPY0wNgN|+q(K-Z@W+xkyF%r&*t zA}aTG8nK_uedRCZeezJ9u1%kC#&F+NmR@yQ3Her^ecG7+Wl6=$V_`OZtfkMq2s`PG zYu4AtyWTR}+)-n3x>&!!0Eq+|j-& zBKO5AR^Pq{jwqiLW++-osZrw84*Pdyx_#ySDFZ3l%urI`$gv=t6{*$5+MBSGU9wdq zZY#Syn;974FxI~}r|bUqyN^&89!p(h*=+rSd-#YFG(6VRhY+UejX#k~BKm0%{ZmY{ znJsDkd#fU6y6>S2%Pb_iKtKJ|T|e&C#PQqz(z}vbEk$m32*TZuwew5l&7%vNM=R}7 zws2ZsfdguMoNKpkI55Td7pf72cOx4wQ0>#Y?(f{2s+3IE{_7LrbsN$xyp(;HTi+t1 z!F|Q*C&Yiu-t)PryCBbjqB|C`faTM6nn&rZK&}kbc}42=`GoMazwJ8;!<}UU56}= zpmeXnb0b2J=_LtNj-}6ffA2QdX(bn3Io8`BZQH^&or@~CjeWKf_24!|w>sU4-B;ti zo>nnkt8%PGjZy&paA@6MjB0N0xpL_LWj?r#^2z0)K>Nl<>wyCQC;mAD5^tC->&63r zGkFAIU;+o?;i|;y)n&7>^8DVn2T+S&Vw+}TS=#0{-rV6To16iZ%1fI&1K!o1=uo2n zkkq>I!N*mzu_Ld&a|XN-C5J=Fm^Y~Sox-fp?)V8Do&@o52!U%e-f6~_qLBhLh4#=*#U34oVBf|e?V&fL@{0UU5xigZ zOEZ`nInc&eNnJ>5!S(Gg?N8~BlbAW1tAg06+R5J;M!=IcCdW?$i^#;=^05Bm!=Q3d7UNrJBpVIyLSbR-0YPis?@%xq4OY4 zT3oELgq`K-JGlcULAbQ|K8<5~OBha6&MBf7#rXq6M(Skg$5zfOYCXM5rnI@){bm0Utj3&TiLt_LOeAGR&jxQ36`rTR_Ju&fb#iLf)-y{07E93B#>e4vI&vHu+!$o=fo)P};1b$9OFDCfr~o`;Ou|}N{Gp-qrOH;E z6bRldI(zxAf%4yTz-w~74_ElyjMywX%RqnSdBJem1&+bC|CCnHZ?>Egh^!Nv#jn5S zyudwKv75nWQNsU}@1*24N3>np#IFx?`811N)4Za-8P?NW!2xLSdmw}B>@k*wZ-Es+ zMzR-($!yq00x@|Qh{@YPOxA-i2?RELCZmTxLKc_`GH**D3k(M`lARz%A_rt7h9E|g zatp*r<^vfC5ZD>!D@9;Ahx<2mOL}LeWP!}v3TWP0Kt=*&+?hZ|vKz!mGJuT48pue1 zz(&vCJ{{KPv>sgzZIjMG^ELyTH~ei9@_=eUMuG=1l4>ANk^p2RRv<!->GhNMqb?r|1LIum(`J1=AoJDyYWqR@%ycud(1=7 z>gM>yy!eJKO-A&=)rpZ(<~tA0HoqdTxe8wwo8Vz}Xs!9xOic}ZLtTO&>7b-}3|dnG z&xkrz6ObF;HQ(4uJl?>{@q&4{yoMA0y>+~al~b1a=Z)yQLBu9D^$kXpsXpI*6%$}5NBUx+8ovpV+5tRPeQ zD*lyqlBAVOk68&?`7-{cdeTCY-?pNo?oHR%wWAk1_F zG2;!g2;f5fCXMMpnvwi)fjRuBSqW&(w1Y4s48n{(&_447gc%7CW=f8OFcS*02;f5P zwXiCT()v(etNA=0=Jsgsmikij1 zTnAEeX4rvj9A2Fui}5OmrP_e3nE&cYLkR~0(ptb0jw$)%CmHrXL#cuijy%wW!x&^0 z=>AvBCp_g?8pJyd{Sl=KN;o=z6OJkQ5I;*09 zo>fiBCqES!K&Ob+K}C{@r|)icnusww&8*HQ$(|9z#3x;`OhnqnjrT{!#`tE;zm}?prxI#E*-2w4ywaC<~ z=BEW7tXAP(882-(tQKW&+^lAzghln&@)&$o zUea6=y3j0NUV^GoWh^pwTx9uf{J{$oMN!eemM&?y;aj}oEl5s<<^|gbXuV@^!(2o& zRRyiop^~fEUrTzj(Q3W;a<4>1lG`gIKXdxd5Ix(FZCB;vQzz=D9Dl8HGEYKlN#RLe z3GP;kwJwQ~l0)s1hFNB1;^t5}&#GUmZjLpX6;YLw@s(al9#`y10d?0AWZ7L#v++lv zQY-m{U+TE_kd8E&hf&q-@XfIohZ4KeW&}Q(ab>NQve85d(#v0~#1b`0?wicM0Y_Gs z(fCxZao##1SUwS|$}+(>{9N)?pO@gq2*_RlcANoX$1ou#lE(e&t`qa|+hJR>5(vlz03cTa zfQ$kG*#iLNH~^4KL7YV=fE~kyxL=(Jd4T>q=xEsPq8R{W3JA!j06@+M0U4$x^E`4d z0LT~+J1zpSW0(-LwX0;HO=P4&eLL(O2gKPUL9BCX;K^MbCKM2TI8gdPwh<(V-A@fX zNgqroAo@_C^nq+pM3B`tHSi>TFrk3xqkz%}(=YQPWg^Jxn;LkMKA2EI^dUj%s{n{x zupp~%YT!xwU_!xGtLo>nP$Faf&(+Q01urs@=-e3z@WNE249QVM6<&THq>Fzk=?E`* z84ogx(RcwfTkcRXZ;-Wum$Fw^sP79gg9ijr8ve_1KqlM`d&2$dNNJ5vL@l!zm{|N7 zCro@@=A|p(Q$Gj7P!_GgU9PnhuDRJhz zk_!`JPIA{s+6;DyhB$X4LnI7Oei4wx&i6qfb4yd04F+A15Y|nxKLp6%nmNcCWKR@Vh&T2s5qQ>TOSXv zpaMj{KmiCjL;xX&;{zbh&|zyGiCqK`aRy|i? zC}qciYSmM^2%s+VwfG9;&;=&MP|8jQP1!-BLzw4Pyp(;aXk{{GhY2whwy@W|Zc&QG|3Sl0|I1rHkx0`wXBT90hl$`;XvZFvi{;zH3`Hv{cfr`tJfW>7X zCwHYF3g7P$D%UbDdBw$-o-T`$YaawkYU44h1o*p<(KMwomGrB8GjWwTW?)<44^=~)% z*F!zBc?r=I&8V&u&7D6tqyFt;`H3Fcs@REURHuplS??=9JJ-Km`>z3Y$-3bkp>|aH zq=^pNZ|$f&=lc6~`2PSh&$+?`nde;Lg3NQSFhS;(a=-<7!X)8>%#$qsXOMY0ujNFL z@Nb6rXXgqNWS(<{3o_5S!UUODZ~+r!UZ*5nka@xaOptkKUZ*5nka?mrOptk^Gfa>v6F~x8JLWZ`{(B*Yjsbr(+roT5 z5ca+nwM-2R)%g7hC?NW86F4+9dlObt94wZMb|qObb&Ie%zoAV_%1EH=Dc^8BQnyJq+Ttrixa+hmwCndV*4R0%*!UrHg#8a0A&F z{zP36l=Dqq5&~03ozg`n%Lrj6);xU=q_PAq#L%`k*=!3pY5@s4L8^Ut_wT|Dho%Pp z7Ie}9a|Z0hHMww6=G_eo(=Mh4o(wwSLV+ZW)3MxaeQrxUK2sHz_xyIn3oL0Hq__n8 z?M_`dvG4e|Yg=F$21u37w=Nc^)jzIyfvI4E*UVYT!xw;6m~B zLUN$mToBdu|5UxmkKZf@XZ!sRD9M3R_G-|S9i)cuzqXm@M>8s{;OUnBpOBuQlzsAA zR#-vj&XB2Qp2?IQWMB9bB{@*aK6yz9Om~3+*!KeeTbp@!B{>|TyLR*Cra6z51J>6!T#N}45CT5xP zYMuBe*8id#fwrs{Uy!L!fW(nA^6EzTcd_xitd6`g56x8ndwD~{mL_vgs}Oq#YJRJu z7tHR-tEA&!$0p6TLT8!%jnlB94t2{U$ssT3x5mL9+X7_Pa*%z%`faXPe!SSAB+m8k?wU z<-XP|{a<9o(zWi1Ns?aBG8DwW6;E)maxgJZkk?v(ueDD2n^Q%gwW`cTHbGs0aDdKB z>cY=Rh6Iv-JIw42RdoCe-DK#u2*3vVJ_yi_AV7Zx0UDAh;R6lRqQ3$SvR2-}v}d+f zl>~}{B1E?LcJwxD;c^h(h@ed#-Ub~Gg?S9Q1-QPl+uF;f?|92 ziu3k%AGU0>x2xSU%J5?LdI`{}xzYxng=S%**AyApfe+jYe^yszZ_9(iz(=eBCatQ1 zR+M4P?(FU+ChG+}^5?QY400+-+AM0<2&~A}LBK*mfK% zj96MyozLapVLDwvoR5!h7N36V3+uMV)_RBOe0*loe0(C%PkmgKJiUBfojetN++2J2 zHAf^Vi?SCyof*5*ap$dByAnlqqq0nj5P_@0w@1BBf8H3)9`kdRb^Ysxqp5h4;+iMJ zK5v#H)JjF=I*d)EhtD2Yh&+0&ilN(0H7$0d z)6YxB)Vxq#j=Xe|9FDjmF=*DjGAzEDaV2MQ&is{wndq$S88zg{^TQuW1*HdXSUQo- z4d&zTwfN=uw{Ek~)%D+_Tak5a%~{WD>6Yah!cK7~Z|n%^bl7~;HA}R@PE3hEGb`a% zSnQsTe6RYpO_|jj58abno0abxsIcx;WQFy+^mg}Zq#E~@H~Hl}N%ykP?)$t6T4xSy z6u!DhqYjyupLo02zv!jCd2O05rcm6bW7HyAy0?X}N4WY}u1$=3Qw&0E4ehL(P_}`Q z;qJ!O`c5xTt`T~)nsh3MUSg)b-fhk&+9sXtMQhLJ91N$g?8!>?s|;SgS8wstV>aTA z%p=xHBUF_7qa^01b0_LzsHT*6<{oWZYXZvi51bJfRPlD7m5$*1qPxNTI{#XP`U81p z?p2o9-k8eN_>&h?gXPyAyfruDvCE_RG`Gh=iM1UD>)THliX#<7aPv4+*?{?#ipaS_ za+F0vPi!0Lo2i8ns2;TC*}>z}S#vwBpKU-Kx9G_BY?50au(08D{Z@5RybCe`rx$%K zt|&c6TyA>$hO&}(R}t?%wN1M}7bzVv)9mT=81D1wdsiov-#8yi)qZwpHR~ePebZ9J z!Iyd^IWzlmdd`rV8nZ2Lw+5<89koB`Ii&qeYgh4-HP8OqSQxp3s2WhIIG#A5>vmRo zbe(0%a8!o%0Q49^~uU$&fo*)ietGson0>l%m~au(|;t}8P+Vz_mMU{kI=7pc!h7X+nKpzyWXDXpLbqimWE-adN$G}aZxI| zb$PCvwSfKwLxR(xh}^cVtrCfbcy#mmS!ZX7kPMBY?kX&gogu1kgwJevbf58h4S8e7 z5ceKS_}9glZ%n)J7+Qo2`T6*Sq3*`ccqh8Pi@xfGLb-cGzM1Fv_MzEVXoa46PTsS{8Pi5{$`egdjgJojeTTe`H^#%o0fTXw@H>|y z^evt$&oLs*>*RAhBCyTcP3!Jrp=mY)E9YKb9llO``cj$vbpJh+;rl5q*!d_WLmRr4 z$JL0L+7C3n--P4to_=3*Y4^UBif{8eEsa%HM=E{92)cM?l(*NY961`EWrki@)X3?G zP7n(=JAdb+`EJ?W+QTeo8Q1sk2ur@i;SI{lau_v<8r6sHnzme*A2W$oTzscpQNGP{ z2VOGYpZ~eFN^$14g>B3HOY)u`+th+win|@2e+_qX*d8VHQ23$~*KPc_7gnQn6yAYe zlm)%8|-hI)nx*Pm>#oG%c&IdEa&KTaye$u<7jBlG% zq4K`!zlbA_&PwVR{Iz$Iwdc`~u72fI@mZShruNbWMh)%at1mOsKF9_NTTt~M%t9}v zl*ug4eGy@{Q(-Q5SreYBp?4=Ja>F1(IpDU;tu2o7Yda5ow0+__tXZ}{dQDXN8k+4` zuEovMmGi`uW}qYQQ)94x>Bum<_q{d+8r8;+?ksB?qJ8+ye3Q-@oLvIFAQ{?E=0h)e zU<=0G%gNmfW$k<1$rubcv6s%duA5)7tpc5TpPzbkT4klAbK#tmZsMP= z4@a1qToStZe8%Z(3dS|h7N`$K9U5<~az7YVuYF>9fl#~$eThO}-~TxcACo}x6TtrdX@?tQ zJv8XKO6X~^?;nM}pPoke`O}9n9!~%2<4$R34y}P`yfgPJmET7=J?$klAhcY)jykzH zef?AA_W>s23dTp}qNGB|*mY;~E&BfHiNF8Ma>2> Date: Thu, 9 Jun 2022 17:02:42 -0400 Subject: [PATCH 3/8] [#431] replace readme tutorial with datamap generation --- README.md | 170 +++++++----------- .../2022-06-09-T134148_datamap.xlsx | Bin 0 -> 51672 bytes 2 files changed, 61 insertions(+), 109 deletions(-) create mode 100644 demo_resources/2022-06-09-T134148_datamap.xlsx diff --git a/README.md b/README.md index 117eadf160a..64d03dbfecb 100644 --- a/README.md +++ b/README.md @@ -28,136 +28,88 @@ Fides (*fee-dhez*, Latin: Fidēs) is an open-source tool that allows you to easi 3. [Nox](https://nox.thea.codes/en/stable/) (`pip install nox`) ### Getting Started -1. Ensure `nox` and `docker` and installed locally, and clone the Fides repo. - - Then, from the root fides directory, run the following commands: - -
- Run nox -s cli - This will spin up the entire project and open a shell within the `fidesctl` container. Once you see the `fidesctl#` prompt (takes ~3 minutes the first time), you know you're ready to go: - - ```bash - ~/git/fides% nox -s cli - Build the images required in the docker-compose file... - ... - Building fidesapi - ... - Building fidesctl - ... - Building docs - ... - root@1a742083cedf:/fides/fidesctl# - ``` +Fides is capable of generating a series of YAML configuration files to represent your stored data, processes, and organizations. These [configuration resources](https://ethyca.github.io/fides/language/resources/system.md) can then be exported into both a data map, and an Article 30-compliant Record of Processing Activities (RoPA). -
- Run fidesctl init +This guide will walk through generating a mock RoPA using predefined resources included in the [Fides repository](https://github.com/ethyca/fides). -
- This builds the required images, spins up the database, and runs the initialization scripts. +1. Ensure `nox` and `docker` and installed locally, and clone the Fides repo. + +2. From the root fides directory, run the following commands: ``` - Initializing Fidesctl... - ---------- - Created a './.fides' directory. - ---------- - Created a fidesctl config file: ./.fides/fidesctl.toml - To learn more about configuring fidesctl, see: - https://ethyca.github.io/fides/installation/configuration/ - ---------- - For example policies and help getting started, see: - https://ethyca.github.io/fides/guides/policies/ - ---------- - Fidesctl initialization complete. + nox -s cli ``` + This will spin up the entire project and open a shell within the `fidesctl` container. + + Once you see the `fides#` prompt (takes ~3 minutes the first time), you can run the next command: -
- + ``` + fidesctl init + ``` -2. Use the export datamap command to generate a [data map](/docs/fides/docs/guides/generating_datamap.md) of the provided [demo resources](demo_resources/): -
+ This builds the required images, spins up the database, and runs the initialization scripts. - run fidesctl apply demo_resources/ - run fidesctl export datamap --output-dir demo_resources/ - ```bash - - ``` -
+3. Use the `export datamap` command to generate a [data map](/docs/fides/docs/guides/generating_datamap.md) of the provided [demo resources](demo_resources/): - Congratulations, you've successfully run your first fidesctl `evaluate` command! + ```sh + fidesctl apply demo_resources/ + fidesctl export datamap --output-dir demo_resources/ + ``` -3. Now, take a closer look at `demo_resources/demo_policy.yml` which describes an organization's privacy policy as code. This policy just includes one rule: fail if any system uses contact information for marketing purposes. -
- Run cat demo_resources/demo_policy.yml - - ```yaml - policy: - - fides_key: demo_privacy_policy - name: Demo Privacy Policy - description: The main privacy policy for the organization. - rules: - - fides_key: reject_direct_marketing - name: Reject Direct Marketing - description: Disallow collecting any user contact info to use for marketing. - data_categories: - matches: ANY - values: - - user.provided.identifiable.contact - data_uses: - matches: ANY - values: - - advertising - data_subjects: - matches: ANY - values: - - customer - data_qualifier: aggregated.anonymized.unlinked_pseudonymized.pseudonymized.identified - ``` - -
- - -4. Lastly, we're going to modify our annotations in a way that would fail the policy we just looked at: -
+ This will `apply` the provided demo resources, and `export` an `.xlsx` file of their contents to the `demo_resources/` directory. - Edit `demo_resources/demo_system.yml` and uncomment the line that adds `user.provided.identifiable.contact` to the list of `data_categories` for the `demo_marketing_system`. - Add User-provided contact info to the demo_marketing_system +4. View the newly-generated data map generated from the provided resources. + + The header block at the top of a data map is composed of properties found in the [Organization resource](/demo_resources/demo_organization.yml). In a production deployment, this would be composed of publicly available information for your company or organization. - ```diff - privacy_declarations: - - name: Collect data for marketing - data_categories: - - #- user.provided.identifiable.contact # uncomment to add this category to the system - + - user.provided.identifiable.contact # uncomment to add this category to the system - - user.derived.identifiable.device.cookie_id - data_uses: marketing_advertising_or_promotion - data_subjects: - ``` + ![Organization Contact Info](/docs/fides/docs/img/datamap_organization_contact.png) -
+ The [Dataset resource](demo_resources/demo_dataset.yml) is primarily used to provide a list of Data Categories, recorded here using the [Fides taxonomy](https://github.com/ethyca/fideslang). Any Datasets referenced by a System will have this information included as rows of your data map. -
+ Finally, the [System resource](demo_resources/demo_system.yml) contains the remainder of the attributes on the data map, such as the Purpose of Processing, Categories of Personal Data, etc. - Run fidesctl evaluate demo_resources/ + ![Demo Dataset Properties](/docs/fides/docs/img/demo_dataset_properties.png) - Running `fidesctl evaluate demo_resources` now causes an evaluation failure. The privacy policy "Reject Direct Marketing" rule disallows collecting contact information for marketing purposes, and flagged the violating `privacy_declaration` during evaluation. +5. Assess the Organization and System datasets using the `--audit` flag. + + ``` + fidesctl evaluate demo_resources/ --audit + ``` - ```bash - root@fa175a43c077:/fides/fidesctl# fidesctl evaluate demo_resources - ... - Executing evaluations... - { - "status": "FAIL", - "details": [ - "Declaration (Collect data for marketing) of System (demo_marketing_system) failed Rule (Reject Direct Marketing) from Policy (demo_privacy_policy)" - ], - "message": null - } - ``` + This command will identify how your existing resources could be extended to generate a fully-compliant RoPA. +
+ Example Output + ```bash + "Auditing Organization Resource Compliance" + Found 1 Organization resource(s) to audit... + Auditing Organization: Demo Organization + controller for default_organization in Demo Organization is compliant + data_protection_officer for default_organization in Demo Organization is compliant + representative for default_organization in Demo Organization is compliant + security_policy for default_organization in Demo Organization is compliant + All audited organization resource(s) compliant! + ---------- + "Auditing System Resource Compliance" + Found 2 System resource(s) to audit... + "Auditing System: Demo Analytics System" + improve.system missing recipients in Demo Analytics System. + improve.system missing legal_basis in Demo Analytics System. + improve.system missing special_category in Demo Analytics System. + customer missing rights in Demo Analytics System. + customer missing automated_decisions_or_profiling in Demo Analytics System. + "Auditing System: Demo Marketing System" + advertising missing recipients in Demo Marketing System. + advertising missing legal_basis in Demo Marketing System. + advertising missing special_category in Demo Marketing System. + customer missing rights in Demo Marketing System. + customer missing automated_decisions_or_profiling in Demo Marketing System. + 10 issue(s) were detected in auditing system completeness. + ```
-At this point, you've seen some of the core concepts in place: declaring systems, evaluating policies, and re-evaluating policies on every code change. But there's a lot more to discover, so we'd recommend following [the tutorial](https://ethyca.github.io/fides/tutorial/) to keep learning. +Now that you've seen how Fides can generate a data map from your resources and assess them for compliance, learn how you can [extend the Fides taxonomy](https://ethyca.github.io/fides/guides/generating_datamap/#extend-the-default-taxonomy) to replace the empty values revealed by `--audit` with additional required data, and apply your changes to generate an [Article 30-compliant RoPA](https://ethyca.github.io/fides/guides/generating_datamap/#generate-a-ropa). ## :book: Learn More diff --git a/demo_resources/2022-06-09-T134148_datamap.xlsx b/demo_resources/2022-06-09-T134148_datamap.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..f5afd462fbdb25399516b425ece04dde684c1e5e GIT binary patch literal 51672 zcmeHw2{_c-|G$cmgi>0K_Ee0rwO}HZtclVh6D7M5$~I;!Nm@{pEwmY1nHFU?NhL|r zSV9cRGA8R7%Z!=%e@x|8_j{l3=lq{<&%M9H{rKWWsJh714dU9|*Cz|I zG>f#Xw!PbX|Dl-AB4qgS?GLqZg`11QoTV}IcT#59to@WaOYW>`SnIMYVtjL@&Ob3c zlI*-V$~Nhk7vI*7%Wp4M=WONp-z50B>mG;ed$yvj^ttE!&v-DNfY%`Z1_Q1~ZTrx!fecxTe7F7QOs z?6yPRno7*WX^*1#B*Z?uub*9+duB4;Bwf<=^u>B6L{&IR9rVzN zv7f0s^G=SKeeNqn$rFFfi*_Ye`nD5SSLtYY*B|froK#rQ&}5S~d*9Uyr{tZVSj!Q0 zz2ur!)rN5{ykorV`GUG=<8R+wOG-8R85rx^{+4T|@$uc8#m6@X0>;x3>27Q7Wc~He z4dc+1n>9Fplo4kKaHf4KD5@=x%`<)&w-0e>U)Pf^#RvUKMIWZB*l`Ny`#53sZkU%cBgN21T3 zPMu9WuC;M$F8VvXWFDKE`v=Daqw;=Kl57qvnWbDefxK6X$svL&*p zK9Tei6?RKWCQohCi8H0=&&)ZWbVdG3rntDmb=gb7XT)Wj+gA)+yYhZ}`K{^O+QhSJNej)UJ@e^Usge9?(I;>0LchRmJ2sd% zxXt4_)tD-HqFtdZb?4n zlTERwjcQ)^-N4!#X9!<#eovez6lVwbX(6u6HfzrdS})(Gj>TNB-?e}fK`)rv`6;ct z)DOE>=ghRAymnc_N_7hfHD|Hs(MuTT9z_Lvzkp{Oix*&02EDXmhQMO-iOp=IjX;Hgu)k zS^Nm&<++wd{U|HA{%~HK>glUm2M^lNhr(3`z2}LT_z`!bk#0C%a>Ss^h zCRuI1Wo3ys-aYl(*Mu>tgw&9OkFe^hFkk5K3!|f`6xeUK0!;RZl;N|V~@&(0$Q5J z`Q=D8w%^Si0klvni}tzZVT(5JTztq5wN~lcvpi3HXa?({N$>mXwleh6!(Z63`8QuL zF>4EJI#m|Lz(#rcY*)A=_cAG`^*zD6WC4QzrR$@R{LK;7*kh`ly@!tHuVdUDHfkt+ zI4byuV{L^N$miF#bzjZp<6EdcgKz#<$MV3qI=I$IG4msG+C3H10-?kkQ;pHkj(sW+SGsqqRkwLFgM#7cSu$GF^h@sGPZ%`^z zM^`_mjCHevN!T$ugOM!A?PoW5Ah_LTc+Ma-7|(8x3nOx{Y<5`~3CAsFaRH3I? zBkk-wK|}_Lm4#;abfIgdkO{uh^ihX))ml6&yAJ2#wgr#na*(R{QVYr(ydo=)CWsP6 z<@>tTw_HH0j|_5x2bg(AMT~|lRg;8SEp6#W7>;*iLSYXD$0!+2)F|L`+C>aYnAEmp z@^*@^Cl{YV@vWmV8favx#95ue+`($}iP4SSy~GT|VlJC*jBnz!WjcpC=COy1!%(Q= zfoIZ5?5Qde`raoZd1S_eDI zxFcg7sy3|%9BWiY{t|wWKC+9|Z&pFF=bGVBe(78+zZl8+ED7IDPb1OjF|u{K#O7QbQaW zr@>b7Prya&Cx62I%e)S*W?LlfU4o_{D(T z3L^80y!j~CUHkOrOLJzQ4HlXvEr!F5EqMP9J3=n=z;G(cDlX`-2Us*gB&7h?*A;o0 z%siP(Kowx=L#>*7o+0TP*ldcWyJfKI0{lCiCzsk0ls?*%r%KE~sf{2og+6@)!Q`}& zt~Lb4f{PN&yZE^5^D}uCjhuBZtTx#s_n-vH$|!XxQoX8e=^Fl|8?&ndcD|djMH4xn z|Mt<@ZvuAQmwsB;*54Ub)+!+{rY4Q`GB5S=$dw6w#J3;DgU6d;Pe7YL0MdS zm%Fk0e3JP-!8t32>z%xZosG0Da9v_8% zRLjvTENOkF(WdAx4>GoDE?pyV^~OAS5R!`U`J)!Y0|NCy&7k0QTg21 z_|?M=Uf#oRQP&$6;mS`QH*&WYo}nq5!vFY&L}q~DJCW%{Yohrd9hJB%=yKXxo!$1@ z`}{hQFhQf0gkt9cE4?&bQpx+^zgNd5Rzq*C@!9LH=pPQ5y4 z`CqaTME?>c(y@RrQXnIKCO}7AWVYtoSNwlzUN)LO9KCl5_|ezv?yl^QtF1*K^0C7` z?BuAClS9L3g6BvlYR7<$=fxcSa0@xk3`0byF^2{tXz9ZU3zR3fv7BX0G#qZnG_k2g zz0OT4csjM5(NdvM@37*WK#0uT;{oP-gmg7mrr^)6=E~McCG-vz$B_!L400foP4z-y z_a5$kG-ohCQ(?xc_*!gB{!s6+6Uja=%@U=@dRj|N!V6K2d!*yLZWSL8o7MWI-mAat zG5r(t^ZBhq2ZP$FVS(S0>r!YxR+6ZJ%hkwbiQ=T+W_b|to}(?~@=<7tEk(U}wIe3U z9j!$ks6z50la`IRbB+fyh8%vD}`vh6?0BAh*9wfHgRPY9je? z*+#(_8}4>8J{!kq4^|a&Ic=FXP@YFpgO<=T6EFG-Zg+VyipxIbgC9I?%bAO8=xBvZ zNfqI2k&iG^#A{TECEGB_j9`yM(vIs1p~H#k7sC>{-ricAu>o>Vs`qFMvxu6~d_KQijaDI^A(b!XD>eOP&fomYzv zi)NH;#yD{=*N%+ljtuF|ba>0%g-#Nm#pE@pKiC4Sam zcL&YMM>;uJ!-B-@FOD-psgH1&Z6ydJ6c(*^p7}nc02Tk5N~IA|92f7jrm_C=2J)ET z9A%Wz;MlW*BC;R`&FRiVP?{nsn8N&wEWL`+bzXz)FYAT}KDDp)Vz<*Ho;18DK^RK4 z*ohGf&0|n@W{p8duGZqWlylj3*N}C&oDpgn70aYEPUEABtI_r33Mo!7x+k?sx|`L8 zq)3yj5{rX;ah!KA?cS0SuJy-lb{@hHYi+fN-oOk~P44ySweaOQ(+5h7dNH%O4A~}P z(?{%=R><)Nkjcq3w4sj|W2mGyvAC~=?U9`ATkW>#$Oo3Ex3NYcx4$^55swRb8^yff z6OH`R^2wl#%3uv6DA(teaC*J)EeTOfyT?4)7UKwKO!lEUOS>_+`>~c%`NowYRUNR$(iI!eL>fLuw zGV1gmiw{NAT@|%R{1!QLO8m7Kf=IM)q2MODjTqv|3+6|n``Wj=BDjn=Oa>G+B%2{I zO)kHZo3=u~!M`wvJUkG8j#j=sRdZ!c7 zi%PkkUWz3hM)rkcti2<_NHZ?NIpH{Nf8l{~cHV6$#$lAF z)5uc?IY>+fx39hPyiPB}-a5)qmE@i)CB+cgx~BKk$Lb*CVe=g1bz0-PVc)m63u;q( zEN(M>E-jS5#0)m;VJ&{)PBf<1tyy0kWkKJ1t&8}k8Re8($R6yfF6M?d^bn&zr|<6> zpPcLX1!bj6iM!}Qd0CEFnEB3LZ*zlERBxJCI?dwqA|N*r)bnpcJaC)-%zXE+LTd8 z$!nc@#L*>sgJviC5}#;Oa38o`Jz=r!s<}L}qNvm3 zpL_fD~%m9|G24t>h?wG?a%S~Awt(a=Md8yUtlQClslgAVrOgrYYM z=hgPJ@}+-4BlIg8LE~tYF~`xk%R{4#+1-1^ypgRp3!QTp|6&FD@m-2~MUpkUr_y6R ztz?>N8M9H5k^}v6aNRXV1-JWbG4$V3AKyi9svCP>YGGc3{Bk4zexOf&mh14DVe=NG zny3e{Z`jMO9y0hIA(%!;}UCswM05(iG!2}8s#<-N0mvE{#*Cci5EYkoRmrI z9eL?C!`{hbJ;sTNtzB)wr0dQPpv^d=jn(6Yi}~aN`O24G3oe6MoUDpK;dO_G4m9Dj zM_;uM_dYnJ9ewK2LrOuzR=DFvN77*m*4GuRs)OS5g@sV%yFsg6r zU$nfu!0^|Z4Se^J6r|p87AuLRF^9cSDHiUgZ zv6_HBYWP}7R%gkF5U>Yv$ zs=4$pBIJnE4H9amyJTRo1dY8l06wRrU^i&+y&!|{>Js9INvPAVKAk20FpaTc%+2*T z4V~95B%QikoIhZXxUiMxG97^!87awty?cc1HJ958#NUvb8DOj+e4=RC0kLK^yR0Qe z%TMtKY!jccOmn>sf2z!!&jDI{W~|kev*o{c<6G!lwEh4;ZOZl4-A|T#-U;0%E~KTo z;^+8V;L?q`?g17GLOY9AL(|DRctV%*?DopnYZO#n2GX>Vu9Hbuw8oU~0 z@CRF_YRbU2!2KXbQUb)}0oX<|&SW|WlgEIVybHu65ZJJpyq38dvcNe&^S%W#ZzCWJ z3;{9{V-O=*4P+$RAV!jq0%9aUU~h6-X6FZMaah?+g;qdQpn0c(%-aOWNYa3e1jx8k zfsAAyh>;`%83_>BhH*LzVQo$}yM4y@U=xse+W^g5AIM06_A*5vBO!noNd?eK5(8u; zKw!fTcn-c#fVRmBAmh#fnztE3N3!rTh2yBpTva6xtO7jWUCWlDB*?X7i>hE47yYlwu z$bh|j*XkPBt&vN*Js9b~aqp_v`Ult0E`M3(`8ec8*EHR2!m<)82`eHauNb@PYRbya zO(G~oUVCrs{d(I1**VsP^^pvn(-PS1kme}Wvk06|xTf*Z83vbSRaO$JB4b=lEY})b zO;u4Q)KtZIlaDSmh_F+UBQU~GS7I|m+M_(K5JPXt&d|RpyYU6#d1UNH6X&)1NvRvF z2`{T+x0qlS>fg58SWbA6Dg9nPHcYh=`^EPBR1@3t`VV9`BoW?3#?3IXOVfXxy5TY5 zZB^WKvTdyXBfAavf-^6)M;It2Zi>D2R5Es%iKDK5s;pug;hAadS`#OG{d=j33__7o z>?*S3A${7??pveobIOxL32PLB2(KjLW}Dc**3U^*xJr0!8n@8Ip-aEOPT>-vR4HyA z*;^;iR--|i9&;P+v@4)#_rRX^1p_5C%xTB(qT7>uK4KT#+6@!IxSEcx*Oih2gm;oL zRwh=u1~Ia#a|!QFW9&_i*&D>Cs)`aSm10hitqzIVNtGKca%a2)dAd#IoMg0?$?@|B zA+pNWgpa1tx+d0X2A5KmPZ64wqIZ&y#~NI)Q@?XWN!97y)drcpM`2mY$4pH#=Rh5Q zS*0C>50TM(O-{Tv2ufAjN2srgK4fCkWe{kmWI(9PjIP;Uzr&3@{YZ}JGWZ|y@1OLR zu=ZjIYkJ5r?FjhzZO_uY1JAf~>;k280U#NC=Oiu*&l8;MZv=x-qwc;)8?LRYblwCp z5wXVUmtigq1X1r!5L1NtX?z0WsFWS0K#n0%FD$gqh1A%!GXeVdgUk zGs}UT04CH_HE64GdS`dIas}*VWbgwBGbKRGoCaa$0T44lKJx{HnPWiAK3E)EQrIhGYe}nu4ezdC683V#h1(46Q zgD|5A#0<=Rh8JQFz5!vz28bCq5GQ~O_1oK{Sn~AvCvy$phwl|YKGOrjj2jR$K>N%` z5N0}nnDGE%CI`p~U_$LKT`m=;(wTYB_6q!{xdnt75fEl9fcBYZAk0XCFjL?H!b}hd zGf1H22`{GB=NLTEB*4oZM_oW3wgq|E6XfCJAP>8PJnRVa zFc#!tE7%Y7l$_~}AWDu(=W7rrSO?;a86cLL3zRtit0xU59NC}=M=;3h^zW8Wx^Mk6 zlqx9UxDA|e0C~Z`T0Z$2*8T&ODla7j1~lQAluv#*=YZ7R5}@Vjw;=&cG>}ORy8S~{BZCM9cTUnlqx9Y z7zI76N|=;Sekd@2P7(ipr3yN$LaKnCRZYq#KbIo>1C%P8O6*{_(<1jrmuzEU>T%Vp zVjTnZVQM}tAP-l9JlqfRa4E>cRFH@3Kpq|idH4mqhsV&lUltv7IZ}74Ig%rB&oO|1 z+r84!u+PJfrQ`eu*Dfpj*tD^62h$@K5w>uUvWT!dO}}Wox=3lIiOSE_ON8>wxLIVo zTz!wr7G!MI4Y698z1B0vt6gr%#ytGFm`2%&(C8j*NVd+sFc{l@d%AD-^vi2a6rlPk zNrTczgP#hW((M$x3B~TQ^5i3TYLyVmoyE%MOk)DZtFvr%364J(02##DsV*Uq-D7%| z6%a;KG!Yq^cV0`5ms;&G*=YT9O_Y7TejZgJo>1m4MO7}}CCYRWUAB*K6sr7@jlCip z_fw6|e)5TWgJ7!C5kj60(N4quU9f|A>PCU_s;tUL{kos4zG79#&Rg`8sSt4926W>< z4f8;qtFqBhwbFUQ@z;c!A8X30Ghm%QRUw|#6lRiEY$v=L)@!`f^h4-XLkiQ z$YcPJ6G1?B2LL%41mq(CAX5QAHUhEZTmUyP z1^_Y=1mqk5kjnt<7!6{_Fd^m|(pkoVoTk`Su$PNM5KHa`02u=UavlK44FDihKtMhX zV8>Y?b_^3@5_zmYMH7!Ph=9H0pg>#%WGkB-cw$$F3k5_U6a#?K2h%cmdo|1zoEM3p zCI|i=l);4pqK^Sc9|^?!K=y{ofhW8VE))=bY*6|@oCIXoAx#ea-TUA|0ntYXqz@0` zeI)=v!{opd-Uk;76nTt8;#S|_I_r~R1~2{5s~o~%hN<)o1~oD!@bdfGW3hKN3GmYJ z-V&vQf%@>WWt24exadZBDLV(NAEEpTCJ;1$4+k<~JnRWWX+tZNHuw}P?S_ZNZ&D5> z#hL#fafTD$-f??6yFl3hz5@0elmlMeIVsLeh>S2H#wU-0hMm7dIpE2Rlj6+xumvu} z6gwQs{vG8oc?G9af z2}}+=K_5&gAo}p2-WLXN=D`8k`z8mTpbsV#Oq*B~rx&l>Nm@jPF8P2{Mu1ZzlrB6D z@3emmM89AF2stbOts@LXoIwDHGu{B=49J8NVNV!RJ3XszaGMkWQg#rB0y*hJfEad|u*KU_|L$gIgpf%i@EMypGbsJ7gUdR^b%kqnzcVxiz=v>kyYceA6vQ{@#0eG*>@syxa1} z4$NQgNB`b?DFC&L8bIBaIX`q@{^`d3Z@rhY(eh-c@ovi>Ixzoqpa1vX%Odv}=kbQt zA3HGrbUFXG_SP9tyJ#HL(CYd_lk1=EivQN$YNBw2&@kT6`eT#pulM+WZ*L8N+C|43 zTFvkLC}#iZhWl>~u9EsuR28VDwe4%0YvTCM_@_(%{{m!Q2PRCAd5bn&kjEEoxFGWu zZI~eQ7Hzm7^GZbiJIH^C+5cmRe-yJ}g3J@MVS>yPv*CiwTeM+<%v-eKg3K%AfC)0M z%LXRMXb?N*iP`^Kh<_Bb;eyP|HerH{8SlV^3o>ufh6yrn(S`{!Z_$RkSnxV9VS>yn zbbxEeAd3Y|h=0^$;C?=sL;s=2Ob$GLxdV_5!NmASJq9kyJgoqx^PxZ%m&t)Af-;y; zKzhtDmrb0`_Ba+xfESE>*JI!;a(Ioe8Vek<$G#Q7z*>vGX)Lf-<&LkNOt7qz_*IXA zwT)1|2~)6uKmhUUdyxkAh=Yz6MUIEPHz~fiE{0=Cf`lX2q z7`P~dY{9&`kI8|@>H8f}K=e)Y9Kl4H1mb-lLHOjr6L~dUD85z?lCs9H$AYs#eZL+H z)~56QdMr4b162PFvbrEZLL#1`4l@-99xqJ(@4L=du@}UUd4&=GV~Bse9t$SOAZtJ( z2*{J-45Wa8h%-N4j|D3(gN}TEgL3eP+zU4#niOXsCHKecv0yG2yz8;xf($eD>rs94^Grwl{IZ3*4v$Bz%`4>fyYlfAo?b5c!5bD9%QfP-S9Fw@OaMf zJD@;8-iPO=YjPW-2{41L5&-=o5k!;tRsaJhFdOsyS^xvfFh=3(7tsFu?ba4pG4(J2 z5Fp|V_ghQXe+L3mJI5=pdqu}DDu5YPivb)TutCE0$$=-1mEl6stAwAZfPqP$5eR)C ziNNH*6ZFA_0-|rC=LjZ!ND%r!QjE!gC+LF<#n6Rg!b{mL&Gz?2;ckTv-JTbp_Q86`QrN`G9+3Uj#t zsZIcD!~jX}|L$gze$z!kW(FfW zV^_f+yHxp{WHj7ae_p6PL;t4i#utR=k+B<1oY(3n{fF~^>G#gDaSPp{gD3&QJINR; z6DwVV7+KZ1g!iT~e@fZJ>{QDQM7Kao0j#g_jcX@NkB9Ode_5p+gb$I?dreNfHV8_E z?mhiA$*kF4Z{TJUXb9CnK9!7JX5y%;pDL@^MtEi#yLSBBQ-AuZSK88ULQbmYYM4Nu zCV#BD5dlIWT$mBbUQJauk{=Ov!v`92F8Dx0GAVqZp{*D;&~HJ2wgCb95eU$AFzuO3 z82v_VUV<}y9zK!enmmg<$* zQ~Z_bdRU>-bUkk&Qi41wKJ=)@k(%wchEY`U0CEyX%wmk|iJ@R~3i9@6iFqJ2@CBou zzQcnlq_MHFEOM}zM=uGj)`a)+wm~(H;kYB7TxvrDE2fJYae6qMe%1>*a?Fj} zSDQ6FI)vV%H;rGCkB?7?Z>v+OX>(muwbe8}K7DCEK2hkmo{mU2cP~e4H+fGd$L@m- zp>Yc0?77bcBUcPr|{@aBkNiN ztvQ4TjoukPO*$42)qVD>m!#RRIpcOc$*5Ra#5(HK%{_r_R@?44riqsvkw8vOO^Znh zj@;jx40$)Z$!$Qskz1)RxX(=v?&0`Je|;)&KBj zk*o8St5BI)v3K)*@=7fX-rrWogju>8%?rtRR7pbs+XcnPVA0Z~OhIYnDI9+Rp z_P)ARn%1SK)(B^>BA?En7wB(Y?=-WMwnc4s-r92+M?>fGyN{pShLzpUu+U{F>FnDt6#kyJFmvCdZ&^&!2uPMsBz_b zR9;esfZcCYhGO2oEx@>v=Lh-KNj1k?sP_B zWSvpLP&< zt`CpQ+jlbZp0C8>OZGPPZkJahwa?hgE?qWtsl7;&zrCz_RSjuV#sUrbmD&s5#_muw zcR1@HTd=coZ&Qk#cG*0sjmH~Q49c_`4`WgI9mhhL?;bV>^WB=MDfn2RMxKGyUq#57BuT;|*6t0mE zr?Vti;b6rz((rK`q|$kxt;V%mXVYz0y|ym-BF%Sa>*BdPYFZ>$U1Hq+B;zY$NY#8S zWVe`7gjn$KRj9tP+$`?WdID8h;~p+-Q@@x3_AVl2`*GQ|ZHGUbKXV*XDLQmzO?c88 znmO~K;T^xS*%HXjG#skr-dbeK=4ZDr4OwT&T|7MGg`hKtNl8B&f)qW8N&I%j%#ZJgcci9Yc%>Eo z%6#+ZGsnB@R-b7)Dazcx$!KKxozs2%FYdoV&^;1Yvkx!y61&On^{F8yMZ7c;J=da6 zL`~VFH)X2iw68n!W@u*?)HJa2hfsU~{fI+9-~aK05a#1Mjybl+731QDv~+P92lm%@ zn?}xm+66sV20bnD{jJce-xT7H?>>fcwf;|Ux4!Lfxdx)~-mI@wejmYa$}4C<$X(rS zt(~mD{<-1T0mkEs=hwD%U(JP#U3~`M{O|7`|Nr|h6`1gMH(P6KcQ+*OE(ZPtUY=H)5jkYhW^!nwvRI< Date: Thu, 9 Jun 2022 17:05:47 -0400 Subject: [PATCH 4/8] update markdown --- README.md | 52 ++++++++++++++++++++++++++-------------------------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/README.md b/README.md index 64d03dbfecb..da8dd85bc01 100644 --- a/README.md +++ b/README.md @@ -81,32 +81,32 @@ This guide will walk through generating a mock RoPA using predefined resources i
Example Output - ```bash - "Auditing Organization Resource Compliance" - Found 1 Organization resource(s) to audit... - Auditing Organization: Demo Organization - controller for default_organization in Demo Organization is compliant - data_protection_officer for default_organization in Demo Organization is compliant - representative for default_organization in Demo Organization is compliant - security_policy for default_organization in Demo Organization is compliant - All audited organization resource(s) compliant! - ---------- - "Auditing System Resource Compliance" - Found 2 System resource(s) to audit... - "Auditing System: Demo Analytics System" - improve.system missing recipients in Demo Analytics System. - improve.system missing legal_basis in Demo Analytics System. - improve.system missing special_category in Demo Analytics System. - customer missing rights in Demo Analytics System. - customer missing automated_decisions_or_profiling in Demo Analytics System. - "Auditing System: Demo Marketing System" - advertising missing recipients in Demo Marketing System. - advertising missing legal_basis in Demo Marketing System. - advertising missing special_category in Demo Marketing System. - customer missing rights in Demo Marketing System. - customer missing automated_decisions_or_profiling in Demo Marketing System. - 10 issue(s) were detected in auditing system completeness. - ``` + ```bash + "Auditing Organization Resource Compliance" + Found 1 Organization resource(s) to audit... + Auditing Organization: Demo Organization + controller for default_organization in Demo Organization is compliant + data_protection_officer for default_organization in Demo Organization is compliant + representative for default_organization in Demo Organization is compliant + security_policy for default_organization in Demo Organization is compliant + All audited organization resource(s) compliant! + ---------- + "Auditing System Resource Compliance" + Found 2 System resource(s) to audit... + "Auditing System: Demo Analytics System" + improve.system missing recipients in Demo Analytics System. + improve.system missing legal_basis in Demo Analytics System. + improve.system missing special_category in Demo Analytics System. + customer missing rights in Demo Analytics System. + customer missing automated_decisions_or_profiling in Demo Analytics System. + "Auditing System: Demo Marketing System" + advertising missing recipients in Demo Marketing System. + advertising missing legal_basis in Demo Marketing System. + advertising missing special_category in Demo Marketing System. + customer missing rights in Demo Marketing System. + customer missing automated_decisions_or_profiling in Demo Marketing System. + 10 issue(s) were detected in auditing system completeness. + ```
Now that you've seen how Fides can generate a data map from your resources and assess them for compliance, learn how you can [extend the Fides taxonomy](https://ethyca.github.io/fides/guides/generating_datamap/#extend-the-default-taxonomy) to replace the empty values revealed by `--audit` with additional required data, and apply your changes to generate an [Article 30-compliant RoPA](https://ethyca.github.io/fides/guides/generating_datamap/#generate-a-ropa). From a882254fa2088c0a1adfcd80a25709c3e67286f6 Mon Sep 17 00:00:00 2001 From: Cole Isaac Date: Thu, 9 Jun 2022 17:07:05 -0400 Subject: [PATCH 5/8] update markdown --- README.md | 52 ++++++++++++++++++++++++++-------------------------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/README.md b/README.md index da8dd85bc01..b44b6b48ff2 100644 --- a/README.md +++ b/README.md @@ -81,32 +81,32 @@ This guide will walk through generating a mock RoPA using predefined resources i
Example Output - ```bash - "Auditing Organization Resource Compliance" - Found 1 Organization resource(s) to audit... - Auditing Organization: Demo Organization - controller for default_organization in Demo Organization is compliant - data_protection_officer for default_organization in Demo Organization is compliant - representative for default_organization in Demo Organization is compliant - security_policy for default_organization in Demo Organization is compliant - All audited organization resource(s) compliant! - ---------- - "Auditing System Resource Compliance" - Found 2 System resource(s) to audit... - "Auditing System: Demo Analytics System" - improve.system missing recipients in Demo Analytics System. - improve.system missing legal_basis in Demo Analytics System. - improve.system missing special_category in Demo Analytics System. - customer missing rights in Demo Analytics System. - customer missing automated_decisions_or_profiling in Demo Analytics System. - "Auditing System: Demo Marketing System" - advertising missing recipients in Demo Marketing System. - advertising missing legal_basis in Demo Marketing System. - advertising missing special_category in Demo Marketing System. - customer missing rights in Demo Marketing System. - customer missing automated_decisions_or_profiling in Demo Marketing System. - 10 issue(s) were detected in auditing system completeness. - ``` + ```sh + "Auditing Organization Resource Compliance" + Found 1 Organization resource(s) to audit... + Auditing Organization: Demo Organization + controller for default_organization in Demo Organization is compliant + data_protection_officer for default_organization in Demo Organization is compliant + representative for default_organization in Demo Organization is compliant + security_policy for default_organization in Demo Organization is compliant + All audited organization resource(s) compliant! + ---------- + "Auditing System Resource Compliance" + Found 2 System resource(s) to audit... + "Auditing System: Demo Analytics System" + improve.system missing recipients in Demo Analytics System. + improve.system missing legal_basis in Demo Analytics System. + improve.system missing special_category in Demo Analytics System. + customer missing rights in Demo Analytics System. + customer missing automated_decisions_or_profiling in Demo Analytics System. + "Auditing System: Demo Marketing System" + advertising missing recipients in Demo Marketing System. + advertising missing legal_basis in Demo Marketing System. + advertising missing special_category in Demo Marketing System. + customer missing rights in Demo Marketing System. + customer missing automated_decisions_or_profiling in Demo Marketing System. + 10 issue(s) were detected in auditing system completeness. + ```
Now that you've seen how Fides can generate a data map from your resources and assess them for compliance, learn how you can [extend the Fides taxonomy](https://ethyca.github.io/fides/guides/generating_datamap/#extend-the-default-taxonomy) to replace the empty values revealed by `--audit` with additional required data, and apply your changes to generate an [Article 30-compliant RoPA](https://ethyca.github.io/fides/guides/generating_datamap/#generate-a-ropa). From db7ae0451b9cab5ffe96f7c4daa8ac4b08a2bfdd Mon Sep 17 00:00:00 2001 From: Cole Isaac Date: Mon, 13 Jun 2022 13:57:29 -0400 Subject: [PATCH 6/8] update tutorial, remove extra files --- README.md | 79 ++++++++++-------- .../2022-06-08-T201756_datamap.xlsx | Bin 51679 -> 0 bytes .../2022-06-09-T134148_datamap.xlsx | Bin 51672 -> 0 bytes 3 files changed, 44 insertions(+), 35 deletions(-) delete mode 100644 demo_resources/2022-06-08-T201756_datamap.xlsx delete mode 100644 demo_resources/2022-06-09-T134148_datamap.xlsx diff --git a/README.md b/README.md index b44b6b48ff2..81a25a675f3 100644 --- a/README.md +++ b/README.md @@ -60,56 +60,65 @@ This guide will walk through generating a mock RoPA using predefined resources i This will `apply` the provided demo resources, and `export` an `.xlsx` file of their contents to the `demo_resources/` directory. 4. View the newly-generated data map generated from the provided resources. - - The header block at the top of a data map is composed of properties found in the [Organization resource](/demo_resources/demo_organization.yml). In a production deployment, this would be composed of publicly available information for your company or organization. - ![Organization Contact Info](/docs/fides/docs/img/datamap_organization_contact.png) + #### Controller + The header block at the top of the data map is composed of properties found in the [Organization resource](/demo_resources/demo_organization.yml). In a production deployment, this would be composed of publicly available information for your company or organization. - The [Dataset resource](demo_resources/demo_dataset.yml) is primarily used to provide a list of Data Categories, recorded here using the [Fides taxonomy](https://github.com/ethyca/fideslang). Any Datasets referenced by a System will have this information included as rows of your data map. + #### Article 30 Record of Processing Activities + The remainder of the information on the data map is generated from the provided [configuration resources](https://ethyca.github.io/fides/language/resources/system.md). In a production environment, these could be [automatically generated](https://ethyca.github.io/fides/guides/generate_resources/) from your databases and system resources. - Finally, the [System resource](demo_resources/demo_system.yml) contains the remainder of the attributes on the data map, such as the Purpose of Processing, Categories of Personal Data, etc. + The [Dataset resource](demo_resources/demo_dataset.yml) is primarily used to provide a list of categories of personal data, recorded here using the [Fides taxonomy](https://github.com/ethyca/fideslang), that your systems store or process, as well as their retention policies. Any Datasets referenced by a System will have this information included as rows of your data map. - ![Demo Dataset Properties](/docs/fides/docs/img/demo_dataset_properties.png) + The [System resource](demo_resources/demo_system.yml) describes anything that processes data for your organization, such as applications, services, and third party APIs. In the resulting data map, this populates system-relevant items like the purpose of processing and use, as well as categories of individual the data pertains to. -5. Assess the Organization and System datasets using the `--audit` flag. + Together, these configuration files build out an initial map of RoPA-required data and resources. + +5. Assess the Organization and System datasets using the `--audit` flag. ``` fidesctl evaluate demo_resources/ --audit ``` - This command will identify how your existing resources could be extended to generate a fully-compliant RoPA. + This command will identify any missing information in your resources, which should be added to generate a compliant Record of Processing Activities.
+ Example Output - ```sh - "Auditing Organization Resource Compliance" - Found 1 Organization resource(s) to audit... - Auditing Organization: Demo Organization - controller for default_organization in Demo Organization is compliant - data_protection_officer for default_organization in Demo Organization is compliant - representative for default_organization in Demo Organization is compliant - security_policy for default_organization in Demo Organization is compliant - All audited organization resource(s) compliant! - ---------- - "Auditing System Resource Compliance" - Found 2 System resource(s) to audit... - "Auditing System: Demo Analytics System" - improve.system missing recipients in Demo Analytics System. - improve.system missing legal_basis in Demo Analytics System. - improve.system missing special_category in Demo Analytics System. - customer missing rights in Demo Analytics System. - customer missing automated_decisions_or_profiling in Demo Analytics System. - "Auditing System: Demo Marketing System" - advertising missing recipients in Demo Marketing System. - advertising missing legal_basis in Demo Marketing System. - advertising missing special_category in Demo Marketing System. - customer missing rights in Demo Marketing System. - customer missing automated_decisions_or_profiling in Demo Marketing System. - 10 issue(s) were detected in auditing system completeness. - ``` + + ```sh + "Auditing Organization Resource Compliance" + Found 1 Organization resource(s) to audit... + Auditing Organization: Demo Organization + controller for default_organization in Demo Organization is compliant + data_protection_officer for default_organization in Demo Organization is compliant + representative for default_organization in Demo Organization is compliant + security_policy for default_organization in Demo Organization is compliant + All audited organization resource(s) compliant! + ---------- + "Auditing System Resource Compliance" + Found 2 System resource(s) to audit... + "Auditing System: Demo Analytics System" + improve.system missing recipients in Demo Analytics System. + improve.system missing legal_basis in Demo Analytics System. + improve.system missing special_category in Demo Analytics System. + customer missing rights in Demo Analytics System. + customer missing automated_decisions_or_profiling in Demo Analytics System. + "Auditing System: Demo Marketing System" + advertising missing recipients in Demo Marketing System. + advertising missing legal_basis in Demo Marketing System. + advertising missing special_category in Demo Marketing System. + customer missing rights in Demo Marketing System. + customer missing automated_decisions_or_profiling in Demo Marketing System. + 10 issue(s) were detected in auditing system completeness. + ``` +
-Now that you've seen how Fides can generate a data map from your resources and assess them for compliance, learn how you can [extend the Fides taxonomy](https://ethyca.github.io/fides/guides/generating_datamap/#extend-the-default-taxonomy) to replace the empty values revealed by `--audit` with additional required data, and apply your changes to generate an [Article 30-compliant RoPA](https://ethyca.github.io/fides/guides/generating_datamap/#generate-a-ropa). + `--audit` flags any empty fields, along with the System or Organization they belong to, and returns where or not the system is incomplete or fully compliant. In the above example, the Organization resource is compliant, but both the Marketing and Analytics systems are missing information that would be required in your RoPA. + +Now that you've seen how Fides can generate a data map from your resources and assess them for compliance, learn how you can [extend the Fides taxonomy](https://ethyca.github.io/fides/guides/generating_datamap/#extend-the-default-taxonomy) to replace the missing values revealed by `--audit` with additional data, and apply your changes to generate an [Article 30-compliant RoPA](https://ethyca.github.io/fides/guides/generating_datamap/#generate-a-ropa). + +To start from the beginning in using fidesctl to solve a real-world privacy problem, follow the Fides [tutorial](https://ethyca.github.io/fides/tutorial/). ## :book: Learn More diff --git a/demo_resources/2022-06-08-T201756_datamap.xlsx b/demo_resources/2022-06-08-T201756_datamap.xlsx deleted file mode 100644 index ea06e103b951f3c602aa95ad166ae69c4eb0894e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 51679 zcmeHw3pkWp+rLC5X(*+XLr1BcPnE+&q#P?s2TX}HIZUCPO_8JnLfa{($OvUhN{*9M zDoG3`#E{UKoEn2MX6FBxN{9XK>wDJ!db_^&doO!ma&7yW)p~xvd)@24f9t-N9j4O- z#QFI6X7TB!zObIDZ|-mg`mcM?mnih*h&jB&19RL{>Co}xiau_x<`KHW{3@b`+*c<` z^7YFM95%n*bvGB`zeFj@aZ9d2Q0d09NOx(>qOFwK&TBtp&Q&;P9oexw8o{?f;=)4< zyA1cGaYxe+`|@dbUwLz>dfWDc*>%#lgwhkb%sF!-w&FbIO5gFZ=<2z5+)1uHeVL#L z*TbzfvreObHRCUth5>D~{f=Lz>u_VNhXzfvavC3>*w52FjPY=qm~Z-(GK+HMIp7Q$i1`^i$mYIL)=~z0^Uc{d)OsjxEcb zvNYGIM0F|N8eEQ*Oq48LK%;*q@Fy50$}&HqW9*{Ioh|I)WmZ>jW!c{LI8k)x?0WK- zBW%6GpdnOfj@l__?xEsY)*?iXc_9C<$T+2)IkaXvAK#t1e0=jEWPDteypB4#Ieq<8 zWdfTjn`Za-vZCx@&h!r@W#kh1qMf-(yJhz8?s?dwc5g7f>>a-*np3*S-z~s2^~ee* z6n}?Wn3~$-sLE{OVnM{&i|WoUM^Sr4MHhZN^y-7gIKz|cJMBzVd}w^vrQ7ZE#RiVi zsq+Yq2CDqA+Vj^Hp9_zDHhY=a8nuNIzWVWF3p;hncbWTMGKi2_;I{S3;eBec?XhJ| zIO20;WU9Jsk@C%SU9kSU-#kSdV zA*VI_-i%w4a|iP76*N?K`eY{WTuguFUneQjKjT%Q+Q6+h*J$e!`6OHxWzx(T>R&eF^AnR1b_R(2=pRRBpuieRcuQ-1Z-axZ)j+MJ>pXS99T9)30 z6-qkn(>IKQX%P5ObWSsBU*i1YE^qI^@~d3r%dE#9wUv5dfTkNe@p8)NDN4r_ht-|twwj&Xa$viW5$ zbLNkQr4M;X#z*C%q(VMEN!{6ei@q)_Z;XeF=TRpoFHa@jH{R;XYiT^Slze7&k4^iR z-MEuk3TM<@3IZae=sJkNPNSHpDovxTZLbs=B=6wZ&=-cMgSh34qL_dYPWgxu zGMO{hZb=CkZ!c$5l5sNwxx-0elpxknQa`HHcO;v_>7pO*4THY1BXO;zzTPcCJ_Cal z{X{IYJ%fTG26FSUtonT77;8E^3CU)Xx@VR$doe*i%nVxl7-^^+{g_IijH_1Dw4kS1 zqh0KxnKC&xJQP)$%r7y zARks&UbzI(Z-B~1bTYhg!L)n~2CpOaq|yf0I?gE64QwH@dm{UhfqqYF;p}ecFCH5!ibIyNy;$$+J5b1=p~?<6iMh&rRb-Go*mdz8tQ8Sm}hp28Vxtfvr%`{z@1I&rNjDdcie*9fLHSgW+^!moJzGbU<@*LR64MoIuw(XGeTAa}cdpML3f5Pi zy}E4uUIE&)0MA!tN{4(#O&3Wop977}9CY5ch2CzdL@8k+m5@ry8I}D6nc{$vv9fHd ztroNjY9eRoOI35^Ono8ZYt}$}P*_c?sMV|?ll;wK%xRlze3!@ACO&(-?zM+WFU$#c@>h*={!F%2c z`IX5o5{x;xaD6a??~P)lG0|2!^0;r?U|VH}$(tgQ;0bY#QkuO_XrQu3_~pI_m7{%j zt+u-}F7}j-c4lpgmn|T>lZw3k3v;E1^5Yt6v|^159RxzJi(3cpe>-cxzT79lkb~l8 z!TavcYM8#E$U&Ox@l5CWf{==k3h%B@oiuXBgW&<~=N;N5+R&J~&&^M2%DE%r&7W8}#eq1pQKw*($s7t0H_ zcq=@kY)!nt{exn+XC6P*qRZ?o^be-Zjht!OXGW%GbZB8Ba|-3WkI?FskaNblT4Jp7 z>=6nsD0-Yq&Ok;g=Ch=>1dON@bK2SD&pHK^H_*Fr+CR4rxJ0b*PhDraW0r~js#}7W zuP^WlwpX6DwQOa);KhTwr|++$QI%{OtZeuB==k_K-whh2v%JH!&RF)(Y2f-Z+Fr)U zVY!r;v}|e+>oPZ+W!{%h86p-^K4&T}{bx3=ITLL+R4YI07d#^?ZWz2bYSu3O)h`79 z30>hPIx2X0ywb-0kU}`6xRf*6)>-7;k1Tl_d7sEteO7MFm5)Z2AAZd)Lf~49{ruT& zHTfAhTT}^mV62SQ@7@~ecd}3mOYgHp1bNdRGLtMZISA~z8v7Oc>$eGH%Fh4z)wJ1a zI!w!Zr2~HXGLX~g%*ILA^;;5H?H8Ml;gYXQ%n9D9O!cjjNFj3qUw`(h9_=B8Py)w& zX4j5nEP0idQTR!@A*6gm(JA|JkKW=@k6xVudXsP9rou=vE<*7dL6SR|5sAx*>zw>xIM4I8lW5YC=c!Se1Wa;XEopRq^B5M)B@_`r;5ZxqdTLk>M|Cax9h zE03}NNGxFvbrW&9)2TO4~cV$=I>M&MC158`J+AmM843lvd&Ws~>3ehAKcXZfvfk)vZz0$JS`cU~8 znm1X-J%z-mu#ssE2x`Sy)-$q^L~W^0&DG@QVc%=gV?OMj3Is-vJ=Dgc#mQiG*aLxs zYkEvAKeMTs*X&CQk1aF;n4-GrHY^F^e{~ePYxsR66N)Y``jXl zroktdYOuu{11bI^J#_D+IAo9?)^n6#IT*y~>N+gLrL*F&8%u1t9!-_m`N&ev(sPJ@ zqV}`iZ2NNRlhz8-cIGIj0)aZkWr`;&F(gKmQSZv1CH+NWvPNVm*A`ZA`#<${5_MSA z`my<~0w|*DK?!dUy^%)qy88TlT;}NT8*jBINh8e}kyicBG(I9~f7m1-+o zMA(;(1t5;^cWkxqSXfY~++G#-QI7+~2DaESx+THBwHU*$LZE^^kKvHTNCgRGpy!Ys zqqebx=4nt>Vqxx2*x6FDl`$fzVJpetRPGudtUz-5N&G`?<#8B&45rkrSa0l{Cm}7K zqrE4C=^BkpnZae`+Yp&ugl0jugFq>_UHny=cLtV}Ep*%c#r@KO6(0h1j^Fp8=+cv+ zA8x_wtm-EdEG?-7G65SnMx_sJdFG9Aci(P-;4rGPY0wNgN|+q(K-Z@W+xkyF%r&*t zA}aTG8nK_uedRCZeezJ9u1%kC#&F+NmR@yQ3Her^ecG7+Wl6=$V_`OZtfkMq2s`PG zYu4AtyWTR}+)-n3x>&!!0Eq+|j-& zBKO5AR^Pq{jwqiLW++-osZrw84*Pdyx_#ySDFZ3l%urI`$gv=t6{*$5+MBSGU9wdq zZY#Syn;974FxI~}r|bUqyN^&89!p(h*=+rSd-#YFG(6VRhY+UejX#k~BKm0%{ZmY{ znJsDkd#fU6y6>S2%Pb_iKtKJ|T|e&C#PQqz(z}vbEk$m32*TZuwew5l&7%vNM=R}7 zws2ZsfdguMoNKpkI55Td7pf72cOx4wQ0>#Y?(f{2s+3IE{_7LrbsN$xyp(;HTi+t1 z!F|Q*C&Yiu-t)PryCBbjqB|C`faTM6nn&rZK&}kbc}42=`GoMazwJ8;!<}UU56}= zpmeXnb0b2J=_LtNj-}6ffA2QdX(bn3Io8`BZQH^&or@~CjeWKf_24!|w>sU4-B;ti zo>nnkt8%PGjZy&paA@6MjB0N0xpL_LWj?r#^2z0)K>Nl<>wyCQC;mAD5^tC->&63r zGkFAIU;+o?;i|;y)n&7>^8DVn2T+S&Vw+}TS=#0{-rV6To16iZ%1fI&1K!o1=uo2n zkkq>I!N*mzu_Ld&a|XN-C5J=Fm^Y~Sox-fp?)V8Do&@o52!U%e-f6~_qLBhLh4#=*#U34oVBf|e?V&fL@{0UU5xigZ zOEZ`nInc&eNnJ>5!S(Gg?N8~BlbAW1tAg06+R5J;M!=IcCdW?$i^#;=^05Bm!=Q3d7UNrJBpVIyLSbR-0YPis?@%xq4OY4 zT3oELgq`K-JGlcULAbQ|K8<5~OBha6&MBf7#rXq6M(Skg$5zfOYCXM5rnI@){bm0Utj3&TiLt_LOeAGR&jxQ36`rTR_Ju&fb#iLf)-y{07E93B#>e4vI&vHu+!$o=fo)P};1b$9OFDCfr~o`;Ou|}N{Gp-qrOH;E z6bRldI(zxAf%4yTz-w~74_ElyjMywX%RqnSdBJem1&+bC|CCnHZ?>Egh^!Nv#jn5S zyudwKv75nWQNsU}@1*24N3>np#IFx?`811N)4Za-8P?NW!2xLSdmw}B>@k*wZ-Es+ zMzR-($!yq00x@|Qh{@YPOxA-i2?RELCZmTxLKc_`GH**D3k(M`lARz%A_rt7h9E|g zatp*r<^vfC5ZD>!D@9;Ahx<2mOL}LeWP!}v3TWP0Kt=*&+?hZ|vKz!mGJuT48pue1 zz(&vCJ{{KPv>sgzZIjMG^ELyTH~ei9@_=eUMuG=1l4>ANk^p2RRv<!->GhNMqb?r|1LIum(`J1=AoJDyYWqR@%ycud(1=7 z>gM>yy!eJKO-A&=)rpZ(<~tA0HoqdTxe8wwo8Vz}Xs!9xOic}ZLtTO&>7b-}3|dnG z&xkrz6ObF;HQ(4uJl?>{@q&4{yoMA0y>+~al~b1a=Z)yQLBu9D^$kXpsXpI*6%$}5NBUx+8ovpV+5tRPeQ zD*lyqlBAVOk68&?`7-{cdeTCY-?pNo?oHR%wWAk1_F zG2;!g2;f5fCXMMpnvwi)fjRuBSqW&(w1Y4s48n{(&_447gc%7CW=f8OFcS*02;f5P zwXiCT()v(etNA=0=Jsgsmikij1 zTnAEeX4rvj9A2Fui}5OmrP_e3nE&cYLkR~0(ptb0jw$)%CmHrXL#cuijy%wW!x&^0 z=>AvBCp_g?8pJyd{Sl=KN;o=z6OJkQ5I;*09 zo>fiBCqES!K&Ob+K}C{@r|)icnusww&8*HQ$(|9z#3x;`OhnqnjrT{!#`tE;zm}?prxI#E*-2w4ywaC<~ z=BEW7tXAP(882-(tQKW&+^lAzghln&@)&$o zUea6=y3j0NUV^GoWh^pwTx9uf{J{$oMN!eemM&?y;aj}oEl5s<<^|gbXuV@^!(2o& zRRyiop^~fEUrTzj(Q3W;a<4>1lG`gIKXdxd5Ix(FZCB;vQzz=D9Dl8HGEYKlN#RLe z3GP;kwJwQ~l0)s1hFNB1;^t5}&#GUmZjLpX6;YLw@s(al9#`y10d?0AWZ7L#v++lv zQY-m{U+TE_kd8E&hf&q-@XfIohZ4KeW&}Q(ab>NQve85d(#v0~#1b`0?wicM0Y_Gs z(fCxZao##1SUwS|$}+(>{9N)?pO@gq2*_RlcANoX$1ou#lE(e&t`qa|+hJR>5(vlz03cTa zfQ$kG*#iLNH~^4KL7YV=fE~kyxL=(Jd4T>q=xEsPq8R{W3JA!j06@+M0U4$x^E`4d z0LT~+J1zpSW0(-LwX0;HO=P4&eLL(O2gKPUL9BCX;K^MbCKM2TI8gdPwh<(V-A@fX zNgqroAo@_C^nq+pM3B`tHSi>TFrk3xqkz%}(=YQPWg^Jxn;LkMKA2EI^dUj%s{n{x zupp~%YT!xwU_!xGtLo>nP$Faf&(+Q01urs@=-e3z@WNE249QVM6<&THq>Fzk=?E`* z84ogx(RcwfTkcRXZ;-Wum$Fw^sP79gg9ijr8ve_1KqlM`d&2$dNNJ5vL@l!zm{|N7 zCro@@=A|p(Q$Gj7P!_GgU9PnhuDRJhz zk_!`JPIA{s+6;DyhB$X4LnI7Oei4wx&i6qfb4yd04F+A15Y|nxKLp6%nmNcCWKR@Vh&T2s5qQ>TOSXv zpaMj{KmiCjL;xX&;{zbh&|zyGiCqK`aRy|i? zC}qciYSmM^2%s+VwfG9;&;=&MP|8jQP1!-BLzw4Pyp(;aXk{{GhY2whwy@W|Zc&QG|3Sl0|I1rHkx0`wXBT90hl$`;XvZFvi{;zH3`Hv{cfr`tJfW>7X zCwHYF3g7P$D%UbDdBw$-o-T`$YaawkYU44h1o*p<(KMwomGrB8GjWwTW?)<44^=~)% z*F!zBc?r=I&8V&u&7D6tqyFt;`H3Fcs@REURHuplS??=9JJ-Km`>z3Y$-3bkp>|aH zq=^pNZ|$f&=lc6~`2PSh&$+?`nde;Lg3NQSFhS;(a=-<7!X)8>%#$qsXOMY0ujNFL z@Nb6rXXgqNWS(<{3o_5S!UUODZ~+r!UZ*5nka@xaOptkKUZ*5nka?mrOptk^Gfa>v6F~x8JLWZ`{(B*Yjsbr(+roT5 z5ca+nwM-2R)%g7hC?NW86F4+9dlObt94wZMb|qObb&Ie%zoAV_%1EH=Dc^8BQnyJq+Ttrixa+hmwCndV*4R0%*!UrHg#8a0A&F z{zP36l=Dqq5&~03ozg`n%Lrj6);xU=q_PAq#L%`k*=!3pY5@s4L8^Ut_wT|Dho%Pp z7Ie}9a|Z0hHMww6=G_eo(=Mh4o(wwSLV+ZW)3MxaeQrxUK2sHz_xyIn3oL0Hq__n8 z?M_`dvG4e|Yg=F$21u37w=Nc^)jzIyfvI4E*UVYT!xw;6m~B zLUN$mToBdu|5UxmkKZf@XZ!sRD9M3R_G-|S9i)cuzqXm@M>8s{;OUnBpOBuQlzsAA zR#-vj&XB2Qp2?IQWMB9bB{@*aK6yz9Om~3+*!KeeTbp@!B{>|TyLR*Cra6z51J>6!T#N}45CT5xP zYMuBe*8id#fwrs{Uy!L!fW(nA^6EzTcd_xitd6`g56x8ndwD~{mL_vgs}Oq#YJRJu z7tHR-tEA&!$0p6TLT8!%jnlB94t2{U$ssT3x5mL9+X7_Pa*%z%`faXPe!SSAB+m8k?wU z<-XP|{a<9o(zWi1Ns?aBG8DwW6;E)maxgJZkk?v(ueDD2n^Q%gwW`cTHbGs0aDdKB z>cY=Rh6Iv-JIw42RdoCe-DK#u2*3vVJ_yi_AV7Zx0UDAh;R6lRqQ3$SvR2-}v}d+f zl>~}{B1E?LcJwxD;c^h(h@ed#-Ub~Gg?S9Q1-QPl+uF;f?|92 ziu3k%AGU0>x2xSU%J5?LdI`{}xzYxng=S%**AyApfe+jYe^yszZ_9(iz(=eBCatQ1 zR+M4P?(FU+ChG+}^5?QY400+-+AM0<2&~A}LBK*mfK% zj96MyozLapVLDwvoR5!h7N36V3+uMV)_RBOe0*loe0(C%PkmgKJiUBfojetN++2J2 zHAf^Vi?SCyof*5*ap$dByAnlqqq0nj5P_@0w@1BBf8H3)9`kdRb^Ysxqp5h4;+iMJ zK5v#H)JjF=I*d)EhtD2Yh&+0&ilN(0H7$0d z)6YxB)Vxq#j=Xe|9FDjmF=*DjGAzEDaV2MQ&is{wndq$S88zg{^TQuW1*HdXSUQo- z4d&zTwfN=uw{Ek~)%D+_Tak5a%~{WD>6Yah!cK7~Z|n%^bl7~;HA}R@PE3hEGb`a% zSnQsTe6RYpO_|jj58abno0abxsIcx;WQFy+^mg}Zq#E~@H~Hl}N%ykP?)$t6T4xSy z6u!DhqYjyupLo02zv!jCd2O05rcm6bW7HyAy0?X}N4WY}u1$=3Qw&0E4ehL(P_}`Q z;qJ!O`c5xTt`T~)nsh3MUSg)b-fhk&+9sXtMQhLJ91N$g?8!>?s|;SgS8wstV>aTA z%p=xHBUF_7qa^01b0_LzsHT*6<{oWZYXZvi51bJfRPlD7m5$*1qPxNTI{#XP`U81p z?p2o9-k8eN_>&h?gXPyAyfruDvCE_RG`Gh=iM1UD>)THliX#<7aPv4+*?{?#ipaS_ za+F0vPi!0Lo2i8ns2;TC*}>z}S#vwBpKU-Kx9G_BY?50au(08D{Z@5RybCe`rx$%K zt|&c6TyA>$hO&}(R}t?%wN1M}7bzVv)9mT=81D1wdsiov-#8yi)qZwpHR~ePebZ9J z!Iyd^IWzlmdd`rV8nZ2Lw+5<89koB`Ii&qeYgh4-HP8OqSQxp3s2WhIIG#A5>vmRo zbe(0%a8!o%0Q49^~uU$&fo*)ietGson0>l%m~au(|;t}8P+Vz_mMU{kI=7pc!h7X+nKpzyWXDXpLbqimWE-adN$G}aZxI| zb$PCvwSfKwLxR(xh}^cVtrCfbcy#mmS!ZX7kPMBY?kX&gogu1kgwJevbf58h4S8e7 z5ceKS_}9glZ%n)J7+Qo2`T6*Sq3*`ccqh8Pi@xfGLb-cGzM1Fv_MzEVXoa46PTsS{8Pi5{$`egdjgJojeTTe`H^#%o0fTXw@H>|y z^evt$&oLs*>*RAhBCyTcP3!Jrp=mY)E9YKb9llO``cj$vbpJh+;rl5q*!d_WLmRr4 z$JL0L+7C3n--P4to_=3*Y4^UBif{8eEsa%HM=E{92)cM?l(*NY961`EWrki@)X3?G zP7n(=JAdb+`EJ?W+QTeo8Q1sk2ur@i;SI{lau_v<8r6sHnzme*A2W$oTzscpQNGP{ z2VOGYpZ~eFN^$14g>B3HOY)u`+th+win|@2e+_qX*d8VHQ23$~*KPc_7gnQn6yAYe zlm)%8|-hI)nx*Pm>#oG%c&IdEa&KTaye$u<7jBlG% zq4K`!zlbA_&PwVR{Iz$Iwdc`~u72fI@mZShruNbWMh)%at1mOsKF9_NTTt~M%t9}v zl*ug4eGy@{Q(-Q5SreYBp?4=Ja>F1(IpDU;tu2o7Yda5ow0+__tXZ}{dQDXN8k+4` zuEovMmGi`uW}qYQQ)94x>Bum<_q{d+8r8;+?ksB?qJ8+ye3Q-@oLvIFAQ{?E=0h)e zU<=0G%gNmfW$k<1$rubcv6s%duA5)7tpc5TpPzbkT4klAbK#tmZsMP= z4@a1qToStZe8%Z(3dS|h7N`$K9U5<~az7YVuYF>9fl#~$eThO}-~TxcACo}x6TtrdX@?tQ zJv8XKO6X~^?;nM}pPoke`O}9n9!~%2<4$R34y}P`yfgPJmET7=J?$klAhcY)jykzH zef?AA_W>s23dTp}qNGB|*mY;~E&BfHiNF8Ma>2>0K_Ee0rwO}HZtclVh6D7M5$~I;!Nm@{pEwmY1nHFU?NhL|r zSV9cRGA8R7%Z!=%e@x|8_j{l3=lq{<&%M9H{rKWWsJh714dU9|*Cz|I zG>f#Xw!PbX|Dl-AB4qgS?GLqZg`11QoTV}IcT#59to@WaOYW>`SnIMYVtjL@&Ob3c zlI*-V$~Nhk7vI*7%Wp4M=WONp-z50B>mG;ed$yvj^ttE!&v-DNfY%`Z1_Q1~ZTrx!fecxTe7F7QOs z?6yPRno7*WX^*1#B*Z?uub*9+duB4;Bwf<=^u>B6L{&IR9rVzN zv7f0s^G=SKeeNqn$rFFfi*_Ye`nD5SSLtYY*B|froK#rQ&}5S~d*9Uyr{tZVSj!Q0 zz2ur!)rN5{ykorV`GUG=<8R+wOG-8R85rx^{+4T|@$uc8#m6@X0>;x3>27Q7Wc~He z4dc+1n>9Fplo4kKaHf4KD5@=x%`<)&w-0e>U)Pf^#RvUKMIWZB*l`Ny`#53sZkU%cBgN21T3 zPMu9WuC;M$F8VvXWFDKE`v=Daqw;=Kl57qvnWbDefxK6X$svL&*p zK9Tei6?RKWCQohCi8H0=&&)ZWbVdG3rntDmb=gb7XT)Wj+gA)+yYhZ}`K{^O+QhSJNej)UJ@e^Usge9?(I;>0LchRmJ2sd% zxXt4_)tD-HqFtdZb?4n zlTERwjcQ)^-N4!#X9!<#eovez6lVwbX(6u6HfzrdS})(Gj>TNB-?e}fK`)rv`6;ct z)DOE>=ghRAymnc_N_7hfHD|Hs(MuTT9z_Lvzkp{Oix*&02EDXmhQMO-iOp=IjX;Hgu)k zS^Nm&<++wd{U|HA{%~HK>glUm2M^lNhr(3`z2}LT_z`!bk#0C%a>Ss^h zCRuI1Wo3ys-aYl(*Mu>tgw&9OkFe^hFkk5K3!|f`6xeUK0!;RZl;N|V~@&(0$Q5J z`Q=D8w%^Si0klvni}tzZVT(5JTztq5wN~lcvpi3HXa?({N$>mXwleh6!(Z63`8QuL zF>4EJI#m|Lz(#rcY*)A=_cAG`^*zD6WC4QzrR$@R{LK;7*kh`ly@!tHuVdUDHfkt+ zI4byuV{L^N$miF#bzjZp<6EdcgKz#<$MV3qI=I$IG4msG+C3H10-?kkQ;pHkj(sW+SGsqqRkwLFgM#7cSu$GF^h@sGPZ%`^z zM^`_mjCHevN!T$ugOM!A?PoW5Ah_LTc+Ma-7|(8x3nOx{Y<5`~3CAsFaRH3I? zBkk-wK|}_Lm4#;abfIgdkO{uh^ihX))ml6&yAJ2#wgr#na*(R{QVYr(ydo=)CWsP6 z<@>tTw_HH0j|_5x2bg(AMT~|lRg;8SEp6#W7>;*iLSYXD$0!+2)F|L`+C>aYnAEmp z@^*@^Cl{YV@vWmV8favx#95ue+`($}iP4SSy~GT|VlJC*jBnz!WjcpC=COy1!%(Q= zfoIZ5?5Qde`raoZd1S_eDI zxFcg7sy3|%9BWiY{t|wWKC+9|Z&pFF=bGVBe(78+zZl8+ED7IDPb1OjF|u{K#O7QbQaW zr@>b7Prya&Cx62I%e)S*W?LlfU4o_{D(T z3L^80y!j~CUHkOrOLJzQ4HlXvEr!F5EqMP9J3=n=z;G(cDlX`-2Us*gB&7h?*A;o0 z%siP(Kowx=L#>*7o+0TP*ldcWyJfKI0{lCiCzsk0ls?*%r%KE~sf{2og+6@)!Q`}& zt~Lb4f{PN&yZE^5^D}uCjhuBZtTx#s_n-vH$|!XxQoX8e=^Fl|8?&ndcD|djMH4xn z|Mt<@ZvuAQmwsB;*54Ub)+!+{rY4Q`GB5S=$dw6w#J3;DgU6d;Pe7YL0MdS zm%Fk0e3JP-!8t32>z%xZosG0Da9v_8% zRLjvTENOkF(WdAx4>GoDE?pyV^~OAS5R!`U`J)!Y0|NCy&7k0QTg21 z_|?M=Uf#oRQP&$6;mS`QH*&WYo}nq5!vFY&L}q~DJCW%{Yohrd9hJB%=yKXxo!$1@ z`}{hQFhQf0gkt9cE4?&bQpx+^zgNd5Rzq*C@!9LH=pPQ5y4 z`CqaTME?>c(y@RrQXnIKCO}7AWVYtoSNwlzUN)LO9KCl5_|ezv?yl^QtF1*K^0C7` z?BuAClS9L3g6BvlYR7<$=fxcSa0@xk3`0byF^2{tXz9ZU3zR3fv7BX0G#qZnG_k2g zz0OT4csjM5(NdvM@37*WK#0uT;{oP-gmg7mrr^)6=E~McCG-vz$B_!L400foP4z-y z_a5$kG-ohCQ(?xc_*!gB{!s6+6Uja=%@U=@dRj|N!V6K2d!*yLZWSL8o7MWI-mAat zG5r(t^ZBhq2ZP$FVS(S0>r!YxR+6ZJ%hkwbiQ=T+W_b|to}(?~@=<7tEk(U}wIe3U z9j!$ks6z50la`IRbB+fyh8%vD}`vh6?0BAh*9wfHgRPY9je? z*+#(_8}4>8J{!kq4^|a&Ic=FXP@YFpgO<=T6EFG-Zg+VyipxIbgC9I?%bAO8=xBvZ zNfqI2k&iG^#A{TECEGB_j9`yM(vIs1p~H#k7sC>{-ricAu>o>Vs`qFMvxu6~d_KQijaDI^A(b!XD>eOP&fomYzv zi)NH;#yD{=*N%+ljtuF|ba>0%g-#Nm#pE@pKiC4Sam zcL&YMM>;uJ!-B-@FOD-psgH1&Z6ydJ6c(*^p7}nc02Tk5N~IA|92f7jrm_C=2J)ET z9A%Wz;MlW*BC;R`&FRiVP?{nsn8N&wEWL`+bzXz)FYAT}KDDp)Vz<*Ho;18DK^RK4 z*ohGf&0|n@W{p8duGZqWlylj3*N}C&oDpgn70aYEPUEABtI_r33Mo!7x+k?sx|`L8 zq)3yj5{rX;ah!KA?cS0SuJy-lb{@hHYi+fN-oOk~P44ySweaOQ(+5h7dNH%O4A~}P z(?{%=R><)Nkjcq3w4sj|W2mGyvAC~=?U9`ATkW>#$Oo3Ex3NYcx4$^55swRb8^yff z6OH`R^2wl#%3uv6DA(teaC*J)EeTOfyT?4)7UKwKO!lEUOS>_+`>~c%`NowYRUNR$(iI!eL>fLuw zGV1gmiw{NAT@|%R{1!QLO8m7Kf=IM)q2MODjTqv|3+6|n``Wj=BDjn=Oa>G+B%2{I zO)kHZo3=u~!M`wvJUkG8j#j=sRdZ!c7 zi%PkkUWz3hM)rkcti2<_NHZ?NIpH{Nf8l{~cHV6$#$lAF z)5uc?IY>+fx39hPyiPB}-a5)qmE@i)CB+cgx~BKk$Lb*CVe=g1bz0-PVc)m63u;q( zEN(M>E-jS5#0)m;VJ&{)PBf<1tyy0kWkKJ1t&8}k8Re8($R6yfF6M?d^bn&zr|<6> zpPcLX1!bj6iM!}Qd0CEFnEB3LZ*zlERBxJCI?dwqA|N*r)bnpcJaC)-%zXE+LTd8 z$!nc@#L*>sgJviC5}#;Oa38o`Jz=r!s<}L}qNvm3 zpL_fD~%m9|G24t>h?wG?a%S~Awt(a=Md8yUtlQClslgAVrOgrYYM z=hgPJ@}+-4BlIg8LE~tYF~`xk%R{4#+1-1^ypgRp3!QTp|6&FD@m-2~MUpkUr_y6R ztz?>N8M9H5k^}v6aNRXV1-JWbG4$V3AKyi9svCP>YGGc3{Bk4zexOf&mh14DVe=NG zny3e{Z`jMO9y0hIA(%!;}UCswM05(iG!2}8s#<-N0mvE{#*Cci5EYkoRmrI z9eL?C!`{hbJ;sTNtzB)wr0dQPpv^d=jn(6Yi}~aN`O24G3oe6MoUDpK;dO_G4m9Dj zM_;uM_dYnJ9ewK2LrOuzR=DFvN77*m*4GuRs)OS5g@sV%yFsg6r zU$nfu!0^|Z4Se^J6r|p87AuLRF^9cSDHiUgZ zv6_HBYWP}7R%gkF5U>Yv$ zs=4$pBIJnE4H9amyJTRo1dY8l06wRrU^i&+y&!|{>Js9INvPAVKAk20FpaTc%+2*T z4V~95B%QikoIhZXxUiMxG97^!87awty?cc1HJ958#NUvb8DOj+e4=RC0kLK^yR0Qe z%TMtKY!jccOmn>sf2z!!&jDI{W~|kev*o{c<6G!lwEh4;ZOZl4-A|T#-U;0%E~KTo z;^+8V;L?q`?g17GLOY9AL(|DRctV%*?DopnYZO#n2GX>Vu9Hbuw8oU~0 z@CRF_YRbU2!2KXbQUb)}0oX<|&SW|WlgEIVybHu65ZJJpyq38dvcNe&^S%W#ZzCWJ z3;{9{V-O=*4P+$RAV!jq0%9aUU~h6-X6FZMaah?+g;qdQpn0c(%-aOWNYa3e1jx8k zfsAAyh>;`%83_>BhH*LzVQo$}yM4y@U=xse+W^g5AIM06_A*5vBO!noNd?eK5(8u; zKw!fTcn-c#fVRmBAmh#fnztE3N3!rTh2yBpTva6xtO7jWUCWlDB*?X7i>hE47yYlwu z$bh|j*XkPBt&vN*Js9b~aqp_v`Ult0E`M3(`8ec8*EHR2!m<)82`eHauNb@PYRbya zO(G~oUVCrs{d(I1**VsP^^pvn(-PS1kme}Wvk06|xTf*Z83vbSRaO$JB4b=lEY})b zO;u4Q)KtZIlaDSmh_F+UBQU~GS7I|m+M_(K5JPXt&d|RpyYU6#d1UNH6X&)1NvRvF z2`{T+x0qlS>fg58SWbA6Dg9nPHcYh=`^EPBR1@3t`VV9`BoW?3#?3IXOVfXxy5TY5 zZB^WKvTdyXBfAavf-^6)M;It2Zi>D2R5Es%iKDK5s;pug;hAadS`#OG{d=j33__7o z>?*S3A${7??pveobIOxL32PLB2(KjLW}Dc**3U^*xJr0!8n@8Ip-aEOPT>-vR4HyA z*;^;iR--|i9&;P+v@4)#_rRX^1p_5C%xTB(qT7>uK4KT#+6@!IxSEcx*Oih2gm;oL zRwh=u1~Ia#a|!QFW9&_i*&D>Cs)`aSm10hitqzIVNtGKca%a2)dAd#IoMg0?$?@|B zA+pNWgpa1tx+d0X2A5KmPZ64wqIZ&y#~NI)Q@?XWN!97y)drcpM`2mY$4pH#=Rh5Q zS*0C>50TM(O-{Tv2ufAjN2srgK4fCkWe{kmWI(9PjIP;Uzr&3@{YZ}JGWZ|y@1OLR zu=ZjIYkJ5r?FjhzZO_uY1JAf~>;k280U#NC=Oiu*&l8;MZv=x-qwc;)8?LRYblwCp z5wXVUmtigq1X1r!5L1NtX?z0WsFWS0K#n0%FD$gqh1A%!GXeVdgUk zGs}UT04CH_HE64GdS`dIas}*VWbgwBGbKRGoCaa$0T44lKJx{HnPWiAK3E)EQrIhGYe}nu4ezdC683V#h1(46Q zgD|5A#0<=Rh8JQFz5!vz28bCq5GQ~O_1oK{Sn~AvCvy$phwl|YKGOrjj2jR$K>N%` z5N0}nnDGE%CI`p~U_$LKT`m=;(wTYB_6q!{xdnt75fEl9fcBYZAk0XCFjL?H!b}hd zGf1H22`{GB=NLTEB*4oZM_oW3wgq|E6XfCJAP>8PJnRVa zFc#!tE7%Y7l$_~}AWDu(=W7rrSO?;a86cLL3zRtit0xU59NC}=M=;3h^zW8Wx^Mk6 zlqx9UxDA|e0C~Z`T0Z$2*8T&ODla7j1~lQAluv#*=YZ7R5}@Vjw;=&cG>}ORy8S~{BZCM9cTUnlqx9Y z7zI76N|=;Sekd@2P7(ipr3yN$LaKnCRZYq#KbIo>1C%P8O6*{_(<1jrmuzEU>T%Vp zVjTnZVQM}tAP-l9JlqfRa4E>cRFH@3Kpq|idH4mqhsV&lUltv7IZ}74Ig%rB&oO|1 z+r84!u+PJfrQ`eu*Dfpj*tD^62h$@K5w>uUvWT!dO}}Wox=3lIiOSE_ON8>wxLIVo zTz!wr7G!MI4Y698z1B0vt6gr%#ytGFm`2%&(C8j*NVd+sFc{l@d%AD-^vi2a6rlPk zNrTczgP#hW((M$x3B~TQ^5i3TYLyVmoyE%MOk)DZtFvr%364J(02##DsV*Uq-D7%| z6%a;KG!Yq^cV0`5ms;&G*=YT9O_Y7TejZgJo>1m4MO7}}CCYRWUAB*K6sr7@jlCip z_fw6|e)5TWgJ7!C5kj60(N4quU9f|A>PCU_s;tUL{kos4zG79#&Rg`8sSt4926W>< z4f8;qtFqBhwbFUQ@z;c!A8X30Ghm%QRUw|#6lRiEY$v=L)@!`f^h4-XLkiQ z$YcPJ6G1?B2LL%41mq(CAX5QAHUhEZTmUyP z1^_Y=1mqk5kjnt<7!6{_Fd^m|(pkoVoTk`Su$PNM5KHa`02u=UavlK44FDihKtMhX zV8>Y?b_^3@5_zmYMH7!Ph=9H0pg>#%WGkB-cw$$F3k5_U6a#?K2h%cmdo|1zoEM3p zCI|i=l);4pqK^Sc9|^?!K=y{ofhW8VE))=bY*6|@oCIXoAx#ea-TUA|0ntYXqz@0` zeI)=v!{opd-Uk;76nTt8;#S|_I_r~R1~2{5s~o~%hN<)o1~oD!@bdfGW3hKN3GmYJ z-V&vQf%@>WWt24exadZBDLV(NAEEpTCJ;1$4+k<~JnRWWX+tZNHuw}P?S_ZNZ&D5> z#hL#fafTD$-f??6yFl3hz5@0elmlMeIVsLeh>S2H#wU-0hMm7dIpE2Rlj6+xumvu} z6gwQs{vG8oc?G9af z2}}+=K_5&gAo}p2-WLXN=D`8k`z8mTpbsV#Oq*B~rx&l>Nm@jPF8P2{Mu1ZzlrB6D z@3emmM89AF2stbOts@LXoIwDHGu{B=49J8NVNV!RJ3XszaGMkWQg#rB0y*hJfEad|u*KU_|L$gIgpf%i@EMypGbsJ7gUdR^b%kqnzcVxiz=v>kyYceA6vQ{@#0eG*>@syxa1} z4$NQgNB`b?DFC&L8bIBaIX`q@{^`d3Z@rhY(eh-c@ovi>Ixzoqpa1vX%Odv}=kbQt zA3HGrbUFXG_SP9tyJ#HL(CYd_lk1=EivQN$YNBw2&@kT6`eT#pulM+WZ*L8N+C|43 zTFvkLC}#iZhWl>~u9EsuR28VDwe4%0YvTCM_@_(%{{m!Q2PRCAd5bn&kjEEoxFGWu zZI~eQ7Hzm7^GZbiJIH^C+5cmRe-yJ}g3J@MVS>yPv*CiwTeM+<%v-eKg3K%AfC)0M z%LXRMXb?N*iP`^Kh<_Bb;eyP|HerH{8SlV^3o>ufh6yrn(S`{!Z_$RkSnxV9VS>yn zbbxEeAd3Y|h=0^$;C?=sL;s=2Ob$GLxdV_5!NmASJq9kyJgoqx^PxZ%m&t)Af-;y; zKzhtDmrb0`_Ba+xfESE>*JI!;a(Ioe8Vek<$G#Q7z*>vGX)Lf-<&LkNOt7qz_*IXA zwT)1|2~)6uKmhUUdyxkAh=Yz6MUIEPHz~fiE{0=Cf`lX2q z7`P~dY{9&`kI8|@>H8f}K=e)Y9Kl4H1mb-lLHOjr6L~dUD85z?lCs9H$AYs#eZL+H z)~56QdMr4b162PFvbrEZLL#1`4l@-99xqJ(@4L=du@}UUd4&=GV~Bse9t$SOAZtJ( z2*{J-45Wa8h%-N4j|D3(gN}TEgL3eP+zU4#niOXsCHKecv0yG2yz8;xf($eD>rs94^Grwl{IZ3*4v$Bz%`4>fyYlfAo?b5c!5bD9%QfP-S9Fw@OaMf zJD@;8-iPO=YjPW-2{41L5&-=o5k!;tRsaJhFdOsyS^xvfFh=3(7tsFu?ba4pG4(J2 z5Fp|V_ghQXe+L3mJI5=pdqu}DDu5YPivb)TutCE0$$=-1mEl6stAwAZfPqP$5eR)C ziNNH*6ZFA_0-|rC=LjZ!ND%r!QjE!gC+LF<#n6Rg!b{mL&Gz?2;ckTv-JTbp_Q86`QrN`G9+3Uj#t zsZIcD!~jX}|L$gze$z!kW(FfW zV^_f+yHxp{WHj7ae_p6PL;t4i#utR=k+B<1oY(3n{fF~^>G#gDaSPp{gD3&QJINR; z6DwVV7+KZ1g!iT~e@fZJ>{QDQM7Kao0j#g_jcX@NkB9Ode_5p+gb$I?dreNfHV8_E z?mhiA$*kF4Z{TJUXb9CnK9!7JX5y%;pDL@^MtEi#yLSBBQ-AuZSK88ULQbmYYM4Nu zCV#BD5dlIWT$mBbUQJauk{=Ov!v`92F8Dx0GAVqZp{*D;&~HJ2wgCb95eU$AFzuO3 z82v_VUV<}y9zK!enmmg<$* zQ~Z_bdRU>-bUkk&Qi41wKJ=)@k(%wchEY`U0CEyX%wmk|iJ@R~3i9@6iFqJ2@CBou zzQcnlq_MHFEOM}zM=uGj)`a)+wm~(H;kYB7TxvrDE2fJYae6qMe%1>*a?Fj} zSDQ6FI)vV%H;rGCkB?7?Z>v+OX>(muwbe8}K7DCEK2hkmo{mU2cP~e4H+fGd$L@m- zp>Yc0?77bcBUcPr|{@aBkNiN ztvQ4TjoukPO*$42)qVD>m!#RRIpcOc$*5Ra#5(HK%{_r_R@?44riqsvkw8vOO^Znh zj@;jx40$)Z$!$Qskz1)RxX(=v?&0`Je|;)&KBj zk*o8St5BI)v3K)*@=7fX-rrWogju>8%?rtRR7pbs+XcnPVA0Z~OhIYnDI9+Rp z_P)ARn%1SK)(B^>BA?En7wB(Y?=-WMwnc4s-r92+M?>fGyN{pShLzpUu+U{F>FnDt6#kyJFmvCdZ&^&!2uPMsBz_b zR9;esfZcCYhGO2oEx@>v=Lh-KNj1k?sP_B zWSvpLP&< zt`CpQ+jlbZp0C8>OZGPPZkJahwa?hgE?qWtsl7;&zrCz_RSjuV#sUrbmD&s5#_muw zcR1@HTd=coZ&Qk#cG*0sjmH~Q49c_`4`WgI9mhhL?;bV>^WB=MDfn2RMxKGyUq#57BuT;|*6t0mE zr?Vti;b6rz((rK`q|$kxt;V%mXVYz0y|ym-BF%Sa>*BdPYFZ>$U1Hq+B;zY$NY#8S zWVe`7gjn$KRj9tP+$`?WdID8h;~p+-Q@@x3_AVl2`*GQ|ZHGUbKXV*XDLQmzO?c88 znmO~K;T^xS*%HXjG#skr-dbeK=4ZDr4OwT&T|7MGg`hKtNl8B&f)qW8N&I%j%#ZJgcci9Yc%>Eo z%6#+ZGsnB@R-b7)Dazcx$!KKxozs2%FYdoV&^;1Yvkx!y61&On^{F8yMZ7c;J=da6 zL`~VFH)X2iw68n!W@u*?)HJa2hfsU~{fI+9-~aK05a#1Mjybl+731QDv~+P92lm%@ zn?}xm+66sV20bnD{jJce-xT7H?>>fcwf;|Ux4!Lfxdx)~-mI@wejmYa$}4C<$X(rS zt(~mD{<-1T0mkEs=hwD%U(JP#U3~`M{O|7`|Nr|h6`1gMH(P6KcQ+*OE(ZPtUY=H)5jkYhW^!nwvRI< Date: Mon, 13 Jun 2022 14:56:43 -0400 Subject: [PATCH 7/8] remove analytics --- .fides/fidesctl.toml | 1 - README.md | 2 -- 2 files changed, 3 deletions(-) diff --git a/.fides/fidesctl.toml b/.fides/fidesctl.toml index 27797c0fcf7..4bba2a13dd1 100644 --- a/.fides/fidesctl.toml +++ b/.fides/fidesctl.toml @@ -9,7 +9,6 @@ test_database_name = "fidesctl_test" [cli] server_host = "localhost" server_port = 8080 -analytics_id = "d615f75e813f4b34ac29a26877f0824b" [user] analytics_opt_out = false diff --git a/README.md b/README.md index 81a25a675f3..6d057712209 100644 --- a/README.md +++ b/README.md @@ -118,8 +118,6 @@ This guide will walk through generating a mock RoPA using predefined resources i Now that you've seen how Fides can generate a data map from your resources and assess them for compliance, learn how you can [extend the Fides taxonomy](https://ethyca.github.io/fides/guides/generating_datamap/#extend-the-default-taxonomy) to replace the missing values revealed by `--audit` with additional data, and apply your changes to generate an [Article 30-compliant RoPA](https://ethyca.github.io/fides/guides/generating_datamap/#generate-a-ropa). -To start from the beginning in using fidesctl to solve a real-world privacy problem, follow the Fides [tutorial](https://ethyca.github.io/fides/tutorial/). - ## :book: Learn More The Fides core team is committed to providing a variety of documentation to help get you started using Fidesctl. As such, all interactions are governed by the [Fides Code of Conduct](https://ethyca.github.io/fides/community/code_of_conduct/). From 925bc9c2445469905a1c58bfbbd5810a9d8da160 Mon Sep 17 00:00:00 2001 From: Thomas Date: Mon, 13 Jun 2022 23:35:35 -0700 Subject: [PATCH 8/8] Update docker.md --- docs/fides/docs/quickstart/docker.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/fides/docs/quickstart/docker.md b/docs/fides/docs/quickstart/docker.md index 90b40810c05..7b322ea0879 100644 --- a/docs/fides/docs/quickstart/docker.md +++ b/docs/fides/docs/quickstart/docker.md @@ -8,7 +8,7 @@ Docker and Docker-Compose are the only requirements here. 1. Install `docker` locally (see [Docker Desktop](https://www.docker.com/products/docker-desktop) or your preferred installation). The minimum verified Docker version is `20.10.8` 1. If your `docker` installation did not include `docker-compose`, make sure to get at least version `1.29.0`. Installation instructions can be found [here](https://docs.docker.com/compose/install/). -2. In a new project folder (or in the root directory of your current project), create a `.fides` folder. +1. In a new project folder (or in the root directory of your current project), create a `.fides` folder. ## Docker Setup