Terms of Service
This page outlines the terms of service and use of Gruntwork’s products and services.
It’s important to understand these Terms of Service, as they define your rights and our rights in our relationship. But legalese is not always easy to understand, so we’ve provided “plain English” summaries on the left side of the page to help you understand the official legal language on the right side of the page. Remember that we’re providing you these summaries for informational purposes only. Our actual Terms are the ones on the right under "Legalese" and will apply if we ever need to work through any issues.
Last Modified: September 10, 2020
Need to modify these terms?
See How can I modify these Terms of Service? in our FAQ.
These Terms and Conditions (“Terms”) govern access to and use of the Gruntwork (“Gruntwork,” “we” or “us”) services, including all associated features and functionalities, websites and user interfaces, as well as all content and applications associated with our services and any other deliverables (collectively, the “Services”) by individuals or entities who purchase, or otherwise use, the Services (collectively, “Customers,” “you” or “your”) and your Authorized Users (defined below). You and Gruntwork may be individually referred to in these Terms as a “Party” and collectively as the “Parties.”
The Services should not be used by anyone under the age of 18. You represent that you, and each of your Authorized Users, are at least 18 years of age or have otherwise reached the age of majority where you reside.
If you, or your organization, is bound by a Website Registration, Gruntwork Subscription Agreement, Master Services Agreement, or similar agreement with Gruntwork (“GSA”), then in the event of a conflict between these Terms and your GSA, your GSA will control.
These Terms apply to you so long as you are using any of the Services, including, without limitation, exercising any rights under the License (defined below). If you use any of the Services, including, without limitation, the Gruntwork Subscription, the terms of the particular Service also apply to you. You must have a current and valid Gruntwork Subscription in order to receive Support Services, Reference Architecture Services, or CIS Compliance Services.
BY ACCESSING, USING, OR COPYING ANY MATERIALS FROM THE SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THESE TERMS AND THE OTHER AGREEMENTS AND POLICIES APPLICABLE TO THE SERVICES AS DESCRIBED HEREIN (COLLECTIVELY WITH THE TERMS, THE “AGREEMENTS”) AND AGREE TO BE BOUND BY THE AGREEMENTS. IF YOU DO NOT AGREE WITH (OR CANNOT COMPLY WITH) THE AGREEMENTS, YOU MAY NOT USE, AND MUST IMMEDIATELY CEASE USING, THE SERVICES.
1.1. Revisions. We may revise these Terms from time-to-time. We will post the revised terms to our website (currently https://gruntwork.io/terms) (the “Website”) with a “last updated” date. We will also notify you in advance of any material updates to these Terms via email or through the Services. If you do not agree with an update, you have the right to reject the change by terminating these Terms in accordance with Section 5.2 below. IF YOU CONTINUE TO USE THE SERVICES AFTER THE REVISIONS TAKE EFFECT, YOU AGREE TO BE BOUND BY THE REVISED TERMS. You agree that we shall not be liable to you or to any third party for any modification of the Terms.
1.2. Notifying You of Updates. You agree to receive electronically all communications, agreements, and notices that we provide in connection with any Services (“Communications”), including by email, by posting them to our website, or through any Services. You agree that all Communications that we provide to you electronically satisfy any legal requirement that such Communications be in writing and you agree to keep your account contact information current.
2. Authorized Users
2.1.1. "Affiliate" means any person or entity owned or controlled by a party, owning or controlling a party, or under common ownership and control with a party, with “control” meaning the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of a person, whether through the ownership of voting securities, by contract interest or otherwise. For purposes of these Terms, the term “Affiliate” does not include your investors or entities controlled by your investors that are not involved in your day-to-day business purpose.
2.1.2. An "Authorized User" means your employee or contractor who accesses or uses the Services (including the License, private Gruntwork source code repositories, training materials and Support Services), and accounts with access rights to the Services, including the License, used primarily for performing automated tasks (commonly called "machine users") on your behalf.
2.2. Affiliate Usage. Gruntwork agrees that each of your Affiliates have the right to use the Services, and exercise all rights under these Terms, as if such Affiliate were a party to the Terms, provided such Affiliate complies with the terms and conditions hereunder. You agree to be liable for any breach of these Terms by your Affiliate.
2.3. Authorized Users. Every individual and machine user that accesses or uses the Services, including the License, during the term of this Agreement must be an Authorized User. You are responsible for all use of the Services by your Authorized Users and for any breach of these Terms by your Authorized Users. You agree, on behalf of yourself and your Authorized Users, not to share passwords or other login information with any other person. You are solely responsible for all use (including any unauthorized use) of your Authorized User’s login information. If you believe there has been unauthorized access to your account by a third party, or a reasonable likelihood of unauthorized access, you must immediately notify Gruntwork and take remedial action.
2.4. Adding/Removing Users. You are entitled to up to the maximum number of Authorized Users specified in your GSA. If you wish to increase your maximum number of Authorized Users, you must purchase licenses for the additional Authorized Users from Gruntwork. Authorized Users may be added and removed by contacting Gruntwork at firstname.lastname@example.org or as otherwise directed in writing by Gruntwork. When an Authorized User ends his or her employment or contractual relationship with you, you agree to remove the Authorized User within ten (10) business days.
3. Additional Terms for the Services
If you use the Gruntwork Subscription, you also agree to the Gruntwork Subscription Terms.
If you use the Support Tiers, you also agree to the Support Terms.
If you use the Reference Architecture, you also agree to the Reference Architecture Terms.
If you use CIS Compliance, you also agree to the CIS Compliance Terms.
You must have a current and valid Gruntwork Subscription in order to use the Support Tiers, Reference Architecture, or CIS Compliance services.
4. Compensation and Invoicing
4.1. Pricing. IIn consideration for the Services, you will pay Gruntwork the fees for each of the Services you have selected as set forth in your GSA (the “Fees”). Gruntwork may change the Fees charged for Services, from time to time, by submitting all changes to you in writing at least sixty (60) days prior to any Renewal Term (defined below). All price changes will take effect as of the beginning of the Renewal Term. If you do not agree with a price change, you have the right to reject the change by terminating these Terms in accordance with Section 5.2 below.
4.2. Deposit. When you sign up for the Services, Gruntwork will automatically charge you a $500 initial deposit. Gruntwork will review your order and approve or reject your order. If Gruntwork rejects your order, Gruntwork will refund the deposit within fifteen (15) days. At such time as Gruntwork approves your order (the “Approval Date”), Gruntwork will apply the deposit towards your Fees.
4.3. Billing. If Gruntwork approves your order, on the Approval Date, Gruntwork will automatically charge you in advance the Fees owed for one (1) month of Services and any one-time Fees. Thereafter, Gruntwork will charge you the Fees owed for each subsequent month on the anniversary of your Approval Date. All payments are to be made by credit card. Alternatively, upon your request and Gruntwork's written acceptance, Gruntwork will invoice you in advance for one (1) year of service, and you will make payment on such invoice via ACH or wire transfer within fifteen (15) days of your receipt of the invoice.
4.4. Late Payments. Late payments will be subject to a 1.5% fee per month, or the highest amount permitted by law, whichever is lower. You agree to pay for all costs incurred in the collection of past-due amounts owed to Gruntwork, including any legal fees.
4.5. Taxes. The License, Fees, and other amounts required to be paid hereunder do not include any amount for taxes or levy (including interest and penalties). You shall reimburse Gruntwork and hold Gruntwork harmless for all sales, use, VAT, excise, property or other taxes or levies which Gruntwork is required to collect or remit to applicable tax authorities. This provision does not apply to Gruntwork’s income or franchise taxes, or any taxes for which you are exempt, provided you have furnished Gruntwork with a valid tax exemption certificate.
5. Term and Termination
5.1. Auto-Renewing Terms of 12 Months. Subject to either Party’s right to terminate pursuant to this Section 5, these Terms, including the terms of any Service for which you have subscribed, will become effective on your Acceptance Date and continue in effect for 12 months (the “Minimum Term”); and, thereafter, these Terms, including the terms of any Service for which you have subscribed, will renew automatically for additional 12-month periods (each, a “Renewal Term”).
5.2. Termination by Either Party for Convenience.
5.2.1. Subject to Section 5.6, you may terminate these Terms in their entirety, or the terms of a specific Service, as of the next Renewal Date by giving at least thirty (30) days’ prior written notice to Gruntwork of such termination. Upon receipt of a termination notice, any outstanding balances due to Gruntwork for the remainder of the Minimum Term or Renewal Term, as applicable, will be due in full within fifteen (15) days. For example, if you terminate your use of the Gruntwork Subscription 3 months into a 12-month Minimum Term or Renewal Term and you have paid Fees for the 3 months, you will immediately owe Gruntwork an amount equal to the Fees for the remaining 9 months of the Minimum Term or Renewal Term, as applicable. Gruntwork will continue to provide the Services for the remainder of the then-current Minimum Term or Renewal Term, as applicable, provided Gruntwork has not terminated or suspended the Terms or your Services for cause pursuant to Sections 5.3 or 5.4 below.
5.2.2. Subject to Section 5.7, Gruntwork may terminate these Terms in their entirety, or the terms of a specific Service, by giving you thirty (30) days’ prior written notice of such termination (a) as of the next Renewal Date or (b) in the event Gruntwork discontinues all or part of a specific Service.
5.3. Termination for Cause by Either Party. Either Gruntwork or you may terminate these Terms in their entirety, or the terms of any specific Service, at any time upon the material breach of these Terms or any published policy applicable to the Services by the other Party (or an Authorized User) with at least fourteen (14) days' prior written notice to the other Party, provided that the material breach has not been cured prior to the end of the notice period. Any such termination must clearly identify these Terms.
5.4. Termination for Cause by Gruntwork. Notwithstanding anything stated to the contrary in these Terms, you will be in default of these Terms, including, without limitation, any terms applicable to specific Services, if:
(a) you fail to timely pay any amount owed to us or our Affiliates;
(b) you are or become subject to any proceeding under the Bankruptcy Code or similar laws;
(c) we, in our sole discretion and in good faith, believe you have breached your warranty set forth in Section 15 (Use of Services to Compete); or
(d) if, in our sole discretion, we believe that you or your Authorized Users’ continued use of the Services creates legal risk for Gruntwork or presents a threat to the security of the Services or other Gruntwork customers.
Notwithstanding anything stated to the contrary in these Terms, if you are in default, Gruntwork may, without notice:
(a) suspend your account and use of all or any of the Services;
(b) terminate these Terms, including, without limitation, the License set forth in Section 6; and
(c) pursue any other remedy available to us.
5.5. Trial Period. You are entitled to a 30-day trial period (the “Trial Period”). If you use the Gruntwork Subscription and: (a) do not register for the Reference Architecture, the Trial Period will begin on the date you receive access to the Library Repos (as defined in below); or (b) do register for the Reference Architecture, the Trial Period will begin on the date Gruntwork commits to deploying your Reference Architecture. Notwithstanding anything stated to the contrary in these Terms, if you terminate your Gruntwork Subscription during the Trial Period, (a) Gruntwork will refund you all Fees for all Services; (b) you will not be subject to the Minimum Term; (c) you must immediately cease use of all Services; and (d) the License set forth in Section 6 will terminate immediately.
5.6. Effects of Suspension or Termination. If, at any time, any of the Services or the Terms (or any portion hereof) are suspended or terminated for any reason (other than by you during the Trial Period), you will not be entitled to a refund of any amounts paid, to the fullest extent permitted by law. Notwithstanding anything stated to the contrary, all Sections of these Terms that either explicitly or by their nature must remain in effect after termination of the Terms, shall survive termination.
5.7. Post-Termination License. If, at any time, all or any portion of the Terms or your Services are terminated (other than by you during the Trial Period or by Gruntwork for cause pursuant to Section 5.2 or Section 5.3 of the General Terms), the License (defined below) will remain in effect for (x) all of your forks of the Gruntwork source code repositories and CIS Modules (defined below) as of the termination date, and (y) any Reference Architecture (including, any source code repositories) created by Gruntwork specifically for you. Gruntwork recommends that, prior to the termination date, you fork any Gruntwork source code repositories and update your infrastructure code to remove all references to any private Gruntwork source code repositories.
6. Intellectual Property Rights
6.1. Customer License. Subject to the terms of the specific Services to which you have subscribed, and provided Gruntwork has not terminated or suspended all, or any portion of, the Terms or your Services in accordance with Section 5.3 or Section 5.4 of the General Terms, Gruntwork hereby grants to you a royalty-free, worldwide, non-exclusive, non-transferable (other than as specifically set forth in Section 18 below), non-sublicensable license for your Authorized Users to use, install, test, execute, perform, and copy the Services exclusively for your business use, and to create derivative works or otherwise modify the Services (including source code of the Services) purely for your own purposes (the “License”). For clarity, the License is granted on a per Authorized User basis, and you must purchase and maintain a valid license for each Authorized User who accesses the Gruntwork Services, no matter how they access the Gruntwork Services, including, without limitation, access via Gruntwork's code repositories and access via a private copy of a code repository.
6.2. License is Private to Customer. Gruntwork does not grant you a license, and you acknowledge that you are not permitted to sell, distribute, or publish in any way (under an open source license or otherwise) to any other party without express written permission from Gruntwork, any portion of the Services (including any source code of the Services) or any derivative or modification of the Services created by you, even if Gruntwork otherwise publishes or redistributes (under an open source license or otherwise) the Services or any portion thereof.
6.3. Limited Rights Transfer. Gruntwork does not transfer any rights to any portion of the Services to you or any third party, and delivery of any Services to you shall not constitute any transfer of rights, except as set forth in this Section 6. Gruntwork retains all rights unless enumerated otherwise herein.
6.4. Gruntwork Retains Ownership. Gruntwork retains all rights to all works (including source code, object code, user interfaces, documentation, or other works), algorithms, data, inventions, discoveries, ideas, designs, trade secrets, tangible or intangible, embodied in the Services or created or reduced to practice in performance of the Services, including, without limitation, all copyrights, patent rights, trade secret rights, trademark rights, moral rights, and other intellectual property rights to and in the Services and Gruntwork’s trademarks, service marks, trade names, logos, and domain names in the United States and all other countries, including, without limitation, the right to pursue patents, utility models, or industrial design applications in the United States and all other countries; and any and all associated goodwill. No portion of the Services is developed as a “work-made-for-hire”, as defined by the Copyright Law of the United States, for you, and such Services shall be exclusively owned by Gruntwork.
6.5. Use with Other Customers. Gruntwork reserves the right to use the Services or any portion thereof for any and all purposes. Gruntwork intends and reserves the right, and you hereby acknowledge Gruntwork’s intent and right, to incorporate the Services or any portion thereof into projects for customers other than you, and, without limitation, to license the Services or any portion thereof to other customers of Gruntwork and to other third parties.
6.6. Customer Contributions to Gruntwork. Nothing in these Terms requires you to contribute to the Services; however, if you choose to contribute any intellectual property via a submission to a Gruntwork source code repository (for example, via a GitHub pull request), Gruntwork will own such contribution (“Gruntwork-Owned Contribution”). You warrant that Gruntwork-Owned Contributions do not include any of your Confidential Information (as defined in Section 8), and you hereby assign to Gruntwork all rights in the Gruntwork-Owned Contribution, including, without limitation, all copyrights, patent rights, trade secret rights, trademark rights, moral rights, and other intellectual property rights to and in the Services in the United States and all other countries, including the right to pursue patents, utility models, or industrial design applications in the United States and all other countries, and will do everything reasonably possible (when requested by Gruntwork, and at Gruntwork’s expense) to carry out in good faith the intent of this clause. Nothing in these Terms requires you to provide access to Gruntwork to your source code repository, unless otherwise expressly required under the terms of a specific Service that you have utilized.
6.7. Private Customer Intellectual Property. If you create intellectual property and do not contribute it to a Gruntwork source code repository (for example, if you only contribute intellectual property to your own source code repository or to your private fork of a Gruntwork source code repository), you will continue to own such intellectual property (“Customer Intellectual Property”). Gruntwork shall have no ownership or other rights in Customer Intellectual Property.
6.8. License to Customer Information. You grant Gruntwork a worldwide, non-exclusive license to host, copy, process, transmit, and display information, data, and other content provided or submitted by you or your Authorized Users to or through the Services (and modification and derivatives thereof) (collectively, “Customer Information”) solely for the purpose of Gruntwork providing the Services to you in accordance with these Terms. Subject to this limited license, as between Customer and Gruntwork, Customer retains all right, title, and interest, including all related intellectual property rights, in and to the Customer Information.
6.9. Gruntwork Use of Open Source Software. You acknowledge that from time to time Gruntwork may utilize third-party software, such as publicly-distributed software (e.g., third-party software commonly known as “free software” or “open source software” subject to one or more third-party license agreements), or other third-party documentation and information in generating the Services or otherwise providing products or services to you under these Terms. Gruntwork may incorporate such third-party software into the Services or make use of such third-party software in the Services. If the third-party software uses a GPL, LGPL, or MPL license, Gruntwork will ensure the use of that third-party software in the Services does not trigger GPL, LGPL, or MPL obligations commonly referred to as “viral” obligations. Gruntwork will at all times use such third-party software only in accordance with Gruntwork’s Open Source Usage Policy located at https://gruntwork.io/open-source-policy, which may be updated from time to time but at all times will meet industry standards.
6.10. Your Use of Open Source Software. You also acknowledge that, under the terms of the License granted herein, you agree not to distribute the Services or any derivative of the Services in any way and, as such, acknowledge and agree that you will not “convey” any Services or derivative of the Services in a manner that would trigger GPL, LGPL, or MPL obligations commonly referred to as “viral” obligations. In the event you produce any derivative work from any portion of the Services, or otherwise modify the Services, you shall be solely responsible for ensuring that such derivatives or modifications comply with the terms of the licenses to any third-party software incorporated into the Services.
6.11. Feedback. You hereby grant Gruntwork a royalty-free, worldwide, transferable, sublicensable, irrevocable, perpetual license to use, reproduce, translate, modify, create derivative works from, distribute, and incorporate into the Services, any suggestions, enhancement requests, recommendations or other feedback provided by you or your Authorized Users relating to Services. Notwithstanding anything stated to the contrary in the Terms, this irrevocable license will continue after the expiry or termination of these Terms for any reason.
7. Third-Party Applications
From time to time, Gruntwork may offer to you the ability to access, or the Services may be integrated or interact with, third party applications, websites, and services (“Third-Party Applications”) to make the Services available to you. These Third-Party Applications may have their own terms and conditions of use and privacy policies. Your use of these Third-Party Applications will be governed by and subject to such terms and conditions and privacy policies. You understand and agree that Gruntwork does not endorse and is not responsible or liable for the behavior, features, or content of any Third Party Application or for any transaction you may enter into with the provider of any such Third-Party Applications, nor does Gruntwork warrant the compatibility or continuing compatibility of the Third-Party Applications with the Services.
8.1. Mutual Non-Disclosure. You and Gruntwork acknowledge that during the course of Gruntwork performing the Services, each Party may disclose information that is confidential and proprietary to such Party, its vendors or its customers (“Confidential Information”) to the other Party to facilitate work under these Terms. You and Gruntwork agree that each of you will hold the other Party’s Confidential Information in confidence. You and Gruntwork agree that each of you will only use the other Party’s Confidential Information as expressly authorized by these Terms, and in the preparation of the Services or in integrating the Services with your other products, and will not disclose the Confidential Information to any third party without the written permission of the Party disclosing the Confidential Information.
8.2. Protection of Confidential Information. Each Party will protect Confidential Information disclosed to it by taking reasonable precautions to avoid disclosure which are at least as restrictive as the precautions it uses to protect its own proprietary information, but in no event less than reasonable care, and will limit access to the disclosing Party’s Confidential Information to those of its employees or agents who are bound by confidentiality obligations at least as restrictive as those contained herein. The foregoing are collectively referred to herein as the “Obligations of Confidentiality.”
8.3. Definition of Confidential Information. The Obligations of Confidentiality shall apply regardless of the form the Confidential Information takes. Subject to Section 8.6, to be treated as Confidential Information under this section, written information must be marked as “Confidential Information” in writing at the time of its transmittal. Confidential Information disclosed orally or in any form other than a document must be identified as proprietary at the time of disclosure and then described in a writing, suitably marked as “Confidential Information”, provided to the receiving Party within thirty (30) days of the disclosure. Confidential information will not include information that: (a) was already known to the Party to which it is disclosed before its disclosure under these Terms; (b) is or becomes publicly known without breach of these Terms; (c) is developed by a receiving Party independently without reference to the relevant confidential information of the disclosing Party; or (d) is obtained from third parties which have no obligations to keep such information confidential to the Parties to these Terms.
8.4. Mandatory Disclosure. The Parties may disclose Confidential Information without liability hereunder to comply with applicable law or in response to a valid order of requirement by a court or other governmental body, provided that the receiving Party gives the disclosing Party prior written notice of such disclosure in order to permit the disclosing Party to seek an appropriate protective order.
8.5. Survival of Obligations Upon Termination. The Obligation of Confidentiality will survive termination of these Terms for three years.
8.6. Included in Gruntwork Confidential Information. You agree that the Services and all portions thereof is Confidential Information of Gruntwork unless or until publicly disclosed or publicly distributed by Gruntwork.
9. Privacy and Data Security
9.1. General. Each Party shall comply with applicable laws governing the privacy and protection of personal data (“Applicable Data Protection Laws”).
9.3. Data Security. Gruntwork has implemented and will maintain appropriate technical and organizational security measures designed to preserve the security and confidentiality of the Services and any Customer Information or other Personal Data under its control.
9.4. Data Processing Agreement. To the extent that, as part of the Services, Gruntwork processes Personal Data on Customer’s behalf, the terms of the Gruntwork Data Processing Agreement (currently located at https://gruntwork.io/legal/dpa), which is incorporated into and forms a part of these Terms, will apply to such processing.
9.5. Customer Responsibilities for Customer Information and Authorized Users. You represent and warrant that to the extent Customer Information includes information that alone, or in combination with other information, can be used to identify an individual person (“Personal Data”), you have provided, and will continue to provide, all notice, and have obtained, and will continue to obtain, all consents legally required to make such Personal Data available to Gruntwork via the Service. You shall have sole responsibility for the accuracy, quality, and legality of Customer Information and the means by which you have acquired Customer Information. Notwithstanding anything stated to the contrary in the Agreements, you agree not to provide (or cause to be provided) the Personal Data of any of the consumers of your goods or services (“Your End Users”). You acknowledge and agree that Gruntwork has no expectation of processing Personal Data of Your End Users; and you further agree that you have not, and will not, issue any instructions, written or otherwise, to Gruntwork to do so. To the extent that End User Personal Data is nonetheless introduced into data provided to Gruntwork in the provision of the Services in violation of this Section 9.5, you agree that you are the data controller and that there is no intention on Gruntwork’s part to be a data processor on your behalf. You further agree to reimburse Gruntwork for any expense or cost incurred by Gruntwork related to the collection or processing of Your End User Personal Data. As used in this Section 9.5, “data controller,” and “data processor” shall have the meanings provided in the European Union’s General Data Protection Regulation or other Applicable Data Protection Law.
9.6. Customer Instructions. Through your configuration and use of the Services, you have control over the types and amounts of Customer Information that are submitted to Gruntwork. By submitting Customer Information to the Services and through your configuration choices, you grant Gruntwork the right, and expressly instruct Gruntwork, to process Customer Information during the Term in order to provide and support the Services and as otherwise provided in these Terms. To the extent that you use the Services to establish integrations or other connections with one or more components of your environment (including components of your environment hosted by third parties), you grant Gruntwork the right and expressly instruct Gruntwork to access and interoperate with that component during the Term in order to provide and support the Services. You are responsible for complying with all applicable third-party terms, policies, and licenses governing access and use of such components and associated data.
9.7. Sensitive Data. You shall not provide (nor cause to be provided) any Sensitive Data (defined below) to Gruntwork for processing under these Terms and Gruntwork will have no liability whatsoever for Sensitive Data submitted in violation of the foregoing. Sensitive Data means (a) a social security number, passport number, driver’s license number or similar identifier (or any portion thereof); (b) a credit or debit card number (other than the truncated (last four digits) of a credit or debit card); (c) employment, financial, genetic, biometric, or health information; (d) racial, ethnic, political, or religious affiliation, trade union membership, or information about sexual life or sexual orientation; or (e) other information that falls within the definition of “special categories of data” under Applicable Data Protection Laws.
10. Limited Liability
10.1. Limitation on Liability. Gruntwork's total liability to you under these Terms for damages, costs, and expenses will not exceed the compensation received by Gruntwork under these Terms for the 12-month period prior to any claim; provided, however, the foregoing limitation shall not apply to claims arising from (a) infringement of any third-party intellectual property rights, (b) the indemnity obligations of Gruntwork set forth in Section 11.2 of these General Terms, or (c) fraud, death or personal injury caused by Gruntwork’s own gross negligence.
10.2. Exclusion of Liability. NOTWITHSTANDING ANYTHING STATED TO THE CONTRARY HEREIN, IN NO EVENT WILL GRUNTWORK OR ITS AFFILIATES, OR THEIR RESPECTIVE OFFICERS, SHAREHOLDERS, DIRECTORS, EMPLOYEES, AGENTS, AFFILIATES, SUCCESSORS OR ASSIGNS BE LIABLE FOR LOST PROFITS OR SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, WHETHER IN AN ACTION IN CONTRACT OR TORT, EVEN IF THE COVERED PARTY HAS BEEN ADVISED BY GRUNTWORK OF THE POSSIBILITY OF SUCH DAMAGES. YOU AND GRUNTWORK AGREE TO THIS LIMITATION EVEN IF THE REMEDY FOR ANY BREACH OF THIS CONTRACT FAILS OF ITS ESSENTIAL PURPOSE.
11.1 Indemnification by You. You will defend, indemnify, and hold harmless Gruntwork and its Affiliates and their respective officers, shareholders, directors, employees, and agents from and against any third party liability, claims, demands, damages, judgments, losses and expenses of any nature, including legal expenses and attorney’s fees, arising out of any theory of liability (including tort, warranty, or strict liability) or out of damage to any property, resulting from (i) the use of the Services by you or your Authorized Users in breach of the Agreements, (ii) your breach of your Obligations of Confidentiality, or (iii) the provision of Your End Users Personal Data in violation of Section 9.5 of this Agreement, except to the extent the claim is subject to Gruntwork’s indemnification obligation set forth in Section 11.2
11.2 Indemnification by Gruntwork. Gruntwork will defend, indemnify, and hold harmless you and your Affiliates and your respective officers, shareholders, directors, members, employees, and agents from and against any third party liability, claims, demands, damages, judgments, losses and expenses of any nature, including legal expenses and attorney’s fees, arising out of any theory of liability (including tort, warranty, or strict liability) or out of damage to any property, resulting from any third party claim alleging that the Services, as delivered by Gruntwork, infringes, misappropriates or violates any third party U.S. copyrights, trademarks or patent rights, except to the extent, in either case, the claim is subject to your indemnification obligation set forth in Section 11.1.
12. Representations and Warranties
12.1. Representations and Warranties by You. You hereby represent and warrant to Gruntwork as follows: (a) you have the authority to enter into these Terms and to bind the entity you have listed (if any) in your GSA to the these Terms, and that these Terms constitute your and its legal, valid, binding and enforceable agreement; and (b) execution and performance of these Terms (i) does not breach any agreement of yours or the entity’s with any third party, or any duty arising in law or equity, (ii) does not violate any law, rule or regulation applicable to you or the entity, and (iii) are within your and its powers.
12.2. Representations and Warranties by Gruntwork. Gruntwork hereby represents and warrants to you as follows: (a) Gruntwork has the authority to enter into these Terms, and that these Terms constitute its legal, valid, binding and enforceable agreement; (b) the Services shall be performed in accordance with industry standards and the Services shall be of good quality and free from material defects in workmanship and materials and shall not infringe any third party’s intellectual property rights; and (c) execution and performance of these Terms (i) do not breach any agreement of Gruntwork with any third party or any duty arising in law or equity, (ii) do not violate any law, rule or regulation applicable to it, and (iii) are within its powers.
12.3. Limitations. EXCEPT FOR THE LIMITED WARRANTIES SET FORTH IN SECTION 12.2, GRUNTWORK DISCLAIMS ALL WARRANTIES WHATSOEVER WITH RESPECT TO THE SERVICES, EITHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, QUALITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT AND WARRANTIES ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. WITHOUT LIMITATION TO THE FOREGOING, GRUNTWORK PROVIDES NO WARRANTY OR UNDERTAKING, AND MAKES NO REPRESENTATION OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, THAT THE SERVICES WILL MEET YOUR REQUIREMENTS, MEET ANY PERFORMANCE OR RELIABILITY STANDARDS, OR BE ERROR FREE. IN ADDITION, GRUNTWORK MAKES NO REPRESENTATION NOR DOES IT WARRANT, ENDORSE, GUARANTEE, OR ASSUME RESPONSIBILITY FOR ANY THIRD PARTY APPLICATIONS (OR THE CONTENT THEREOF), OR ANY OTHER PRODUCT OR SERVICE ADVERTISED, PROMOTED OR OFFERED BY A THIRD PARTY ON OR THROUGH THE SERVICES OR ANY HYPERLINKED WEBSITE, AND GRUNTWORK IS NOT RESPONSIBLE OR LIABLE FOR ANY TRANSACTION BETWEEN YOU AND THIRD PARTY PROVIDERS OF THE FOREGOING. NO ADVICE OR INFORMATION WHETHER ORAL OR IN WRITING OBTAINED BY YOU FROM GRUNTWORK SHALL CREATE ANY WARRANTY ON BEHALF OF GRUNTWORK. THIS SECTION APPLIES TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW.
12.4. Intellectual Property. Notwithstanding Section 12.3 above, for any claim covered by Section 11.2(i), Gruntwork will, at its election, either: (i) procure the rights to use that portion of the Services alleged to be infringing; (ii) replace the alleged infringing portion of the Services with a non-infringing alternative; (iii) modify the alleged infringing portion of the Services to make it non-infringing; or (iv) terminate the allegedly infringing portion of the Services.
13. Export Control
Gruntwork’s Services may be subject to U.S. export and re-export control laws and regulations or similar laws applicable in other jurisdictions, including the Export Administration Regulations (“EAR”) maintained by the U.S. Department of Commerce, trade and economic sanctions maintained by the Treasury Department’s Office of Foreign Assets Control (“OFAC”), and the International Traffic in Arms Regulations (“ITAR”) maintained by the Department of State. You warrant that you are (1) not located in any country to which the United States has embargoed goods or has otherwise applied any economic sanctions; and (2) not a denied party as specified in any applicable export or re-export laws or regulations or similar laws applicable in other jurisdictions.
You agree to comply with all applicable export and reexport control laws and regulations, including the EAR, trade and economic sanctions maintained by OFAC, and the ITAR. Specifically, you agree that you shall not – directly or indirectly – sell, export, reexport, transfer, divert, or otherwise dispose of any products, software, or technology (including products derived from or based on such technology) received from Gruntwork to any destination, entity, or person prohibited by any applicable laws or regulations of the United States or any other jurisdiction without obtaining prior authorization from the competent government authorities as required by those laws and regulations.
14. Independent Contractor
You and Gruntwork are independent parties and nothing in these Terms will constitute either Party or their employees as the employer, principal, or partner of or joint venture with the other Party. Neither you nor Gruntwork has any authority to assume or create any obligation or liability, either express or implied, on behalf of the other.
15. Use of Services to Compete
You warrant that you are not in the business of offering, designing, selling, or otherwise distributing reusable infrastructure modules to software companies, and further agree that you will not offer, design, sell, or otherwise distribute reusable infrastructure modules to software companies located in any jurisdiction, so long as Gruntwork is in the business of offering, designing, selling, or otherwise distributing reusable infrastructure modules to software companies. In the event that Gruntwork, at its sole discretion and in good faith, determines that you are competing with Gruntwork in violation of this clause, Gruntwork may, as its sole remedy, terminate these Terms, including, without limitation, the License and any terms of service for any specific Services, upon notice to you, and you shall immediately cease use of all Gruntwork intellectual property upon such termination.
16. Force Majeure
No failure or omission by either Party in the performance of any obligation of these Terms will be deemed a breach of these Terms or create any liability if the same will arise from any cause or causes beyond the control of such Party, including, without limitation, the following: acts of god, storm, flood, or earthquake; any act, rule, regulation, order or requirement of any governmental authority or by any officer, department, agency or instrumentality thereof; fire; accident; war; rebellion; insurrection; riot; invasion; national emergency; pandemic; lack of or inability to obtain fuel or power; or other similar causes beyond the control of such Party provided that such Party provides notice to the other Party of such an event and such failure or omission resulting from one of the above causes is cured as soon as is practicable.
Subject to Section 1, any notice or other communication pursuant to these Terms will be in writing and use one of the following types of delivery, each of which is a writing for purposes of these Terms: personal delivery, mail (registered or certified mail, postage prepaid, return-receipt requested), nationally recognized overnight courier (fees prepaid), or email. Gruntwork shall address notices to you to the mailing address and email address you list in your GSA. You shall address notices to Gruntwork to: 221 E Indianola Ave, Phoenix, AZ 85012, and via email to email@example.com.
Neither Party will assign, subcontract, delegate, or otherwise transfer these Terms, or its rights and obligations herein, without obtaining the prior written consent of the other Party, and any attempted assignment, subcontract, delegation, or transfer in violation of the foregoing will be null and void; provided, however, that either Party may assign these Terms in connection with a merger, acquisition, reorganization or sale of all or substantially all of its assets, or other operation of law, without the consent of the other Party. The terms of these Terms will be binding upon the Parties and their respective successors and permitted assigns.
19. Governing Law and Dispute Resolution
These Terms will be governed by and construed in accordance with the laws of the state of Arizona. The Parties agree that any disputes related to these Terms not otherwise resolved as set forth in this Section 19 will be brought and maintained exclusively in the federal and state courts located in Maricopa County, Arizona. If any controversy, claim or dispute arises out of or relating to these Terms, including, without limitation, the breach or interpretation of these Terms (collectively, a “Dispute”), each Party shall designate an executive who is authorized to investigate, negotiate and settle the Dispute. The executives shall exercise good faith efforts to settle the Dispute. If the executives do not resolve the Dispute within thirty (30) days (or an extended period if they so agree) of the initial notice of the Dispute from one Party to the other, then the Parties may pursue the Dispute in courts in accordance with this section. No court or other action pertaining to a Dispute shall be pursued unless this dispute resolution procedure has been exhausted. Nonetheless, either Party at any time may pursue equitable relief before any court of competent jurisdiction in order to protect its intellectual property rights or Confidential Information.
The Agreements, including, without limitation, these Terms and your GSA, if any, constitute the entire understanding and agreement of the Parties, and supersedes all prior written or oral agreements with respect to the subject matter of these Terms. The failure to exercise any right provided in these Terms by a Party will not be a waiver of prior or subsequent rights by such Party. If any provision of these Terms is held by a court of competent jurisdiction to be invalid, void, or unenforceable, the remaining provisions will nevertheless continue in full force and effect, and the Parties will, in good faith, attempt to modify the invalid provision so it becomes a valid provision.
Gruntwork Subscription Terms
Unless otherwise defined in these Gruntwork Subscription Terms, capitalized terms will have the meaning given to them in the Terms.
1. Term and Termination
Termination of your use of the Gruntwork Subscription in accordance with Section 5 of the General Terms represents the simultaneous termination of all other Services to which you have subscribed.
2. Included Features
2.1. Infrastructure as Code Library. Each Authorized User will receive access to the private source code repositories (“Library Repos”), which contain a collection of infrastructure code created by Gruntwork (the “Infrastructure as Code Library”). Authorized Users will only receive access to those Library Repos that support the cloud provider (e.g. Amazon Web Services (“AWS”)) selected in your GSA. You can find a list of the code in the Infrastructure as Code Library at https://gruntwork.io/infrastructure-as-code-library, or any other URL to which the prior URL redirects. From time to time, Gruntwork will release new features, bug fixes, security patches, automated tests, documentation, and other improvements to existing code, as well as create completely new code (collectively, “Updates”). Authorized Users will have access to all Updates and will be able to make use of the Updates by modifying their own source code to use a newer version of the Library Repos.
2.2. DevOps Training Library. Each Authorized User will receive access to a set of pre-recorded training courses (the “Courses”), including courses on Terraform, Packer/Docker/ECS, and the Gruntwork Reference Architecture. From time to time, Gruntwork will update the Courses to reflect the latest industry updates.
2.3. Periodic Newsletter. From time to time, Gruntwork will send an email newsletter (the “Newsletter”) that includes recent updates on the Infrastructure as Code Library, instructions on applying recent updates, and new developments with Amazon Web Services, the DevOps industry, and Gruntwork itself. Gruntwork shall email Authorized Users the latest Newsletter.
2.4. Community Support Tier. Gruntwork will provide to you all the features of the Community Support Tier, as described in Section 2.1 of the Support Terms.
3. Disclaimer Regarding Software Updates
IT IS SOLELY YOUR RESPONSIBILITY TO UPDATE YOUR SOFTWARE BASED ON GRUNTWORK ALERTS OR UPDATES, OR OTHERWISE ACT ON ANY ALERTS OR UPDATES SENT BY GRUNTWORK. YOU ARE RESPONSIBLE FOR ENSURING GRUNTWORK IS PROVIDED WITH AN EMAIL ADDRESS THAT IS ACTIVELY MONITORED BY YOUR PERSONNEL TO WHICH GRUNTWORK MAY DISTRIBUTE EMAIL NEWSLETTERS THAT INCLUDE RECENT UPDATES ON THE INFRASTRUCTURE AS CODE LIBRARY, INSTRUCTIONS ON APPLYING RECENT UPDATES, AND NEW DEVELOPMENTS WITH AMAZON WEB SERVICES, THE DEVOPS INDUSTRY, AND GRUNTWORK ITSELF. GRUNTWORK SHALL NOT BE RESPONSIBLE OR LIABLE TO YOU FOR YOUR FAILURE TO ACT ON ANY ALERT OR UPDATE, OR DUE TO EMAIL DELIVERY PROBLEMS THAT PREVENT ANY ALERT OR UPDATE FROM BEING RECEIVED BY YOU.
The Community Support Tier, the Professional Support Tier and the Enterprise Support Tier shall each be referred to herein as a “Support Tier” and collectively as the “Support Tiers”.
1. Term and Termination
You may only receive Support Services if you have a current and valid Gruntwork Subscription. Termination of your use of the Professional Support Tier or the Enterprise Support Tier in accordance with Section 5 of the General Terms represents termination only of the applicable Support Tier and will not affect any other Services, including your use of the Community Support Tier, to which you have subscribed.
2. Included Features
2.1. Supported Requests. Any Authorized User may submit a support request (“Support Request”) to Gruntwork. Support Requests may involve questions, troubleshooting, code reviews, design reviews, and bug fixes. All Support Requests must be reasonably related to the infrastructure set up by Gruntwork on your behalf and limited to the cloud provider (e.g. Google Cloud Platform) selected during registration, unless you selected the Enterprise Support, in which case we will accept your Support Requests for all cloud providers that we currently support. Gruntwork will not be obligated to customize its offerings in response to a Support Request regardless of which Support Tier you have elected.
2.2. Included Features. Gruntwork will provide to you all the features of the Community Support Tier, as described in Section 2.3 below. In addition, if you register for the Professional Support Tier or the Enterprise Support Tier, Gruntwork will provide to you all the features of that specific Support Tier as described in Section 2.4 for the Professional Support Tier and Section 2.5 for the Enterprise Support Tier.
2.3. Community Support Tier Features
2.3.1 Community Chat Room. Gruntwork provides a community chat room where Gruntwork customers may ask questions, discuss design decisions, and work together as a community. This communication will be done over a medium determined by Gruntwork, such as a Gitter or Slack channel.
2.3.2 Community Forum. Gruntwork provides a community forum where Gruntwork customers may ask questions, discuss design decisions, and work together as a community. This communication will be done over a medium determined by Gruntwork, such as a Discourse Forum, mailing list or Google Group. Gruntwork may discontinue this community forum if it determines that it is duplicative with the community chat room.
2.3.3 No Service Level Agreement. Gruntwork employees may, but are not obligated to, monitor the community chat room and community forum and provide help when appropriate. Gruntwork employees may be delayed in responding or may not respond at all to messages submitted via the community chat room or community forum.
2.3.4 Security Alerts. Authorized Users may sign up for the Gruntwork security vulnerabilities list. Gruntwork will use this list to notify Authorized Users of urgent security vulnerabilities.
2.4. Professional Support Tier Features
2.4.1. Email Support. Authorized Users may submit Professional Support Requests by emailing firstname.lastname@example.org or by using online helpdesk software specified by Gruntwork.
2.4.2. Slack Support. Authorized Users may submit Professional Support Requests via a shared channel on Slack, which shall be private to you and Gruntwork and not accessible by other Gruntwork customers.
2.4.3. Two Business Day Service Level Agreement. Gruntwork shall make a good-faith effort to respond to the Professional Support Request within a reasonable timeframe, but for the first 3 requests per day or first 30 requests per month, whichever occurs first, Gruntwork shall respond no later than two (2) business days after the Professional Support Request was received by Gruntwork, subject to our availability per Section 2.6 and Section 2.7 below.
2.5. Enterprise Support Tier Features.
2.5.1. Email Support. Authorized Users may submit Enterprise Support Requests by emailing email@example.com or by using online helpdesk software specified by Gruntwork.
2.5.2. Slack Support. Authorized Users may submit Enterprise Support Requests via a shared channel on Slack, which shall be private to you and Gruntwork and not accessible by other Gruntwork customers.
2.5.3. Phone/Video Support. If Gruntwork and you mutually determine that an Enterprise Support Request cannot be resolved asynchronously, the Parties will engage in a real-time phone or video chat.
2.5.4. Same Day Service Level Agreement. Gruntwork shall make a good-faith effort to respond to the Enterprise Support Request as soon as possible, but for the first 3 requests per day or first 30 requests per month, whichever occurs first, Gruntwork shall respond no later than four business hours after the Enterprise Support Request was received by Gruntwork, unless the request was received after 2:00pm Pacific Time, in which case Gruntwork will respond no later than 10:00am Pacific Time on the next business day. Gruntwork business hours are from 9:00am - 5:00pm Pacific Time, Monday through Friday, subject to our availability per Section 2.6 and Section 2.7 below.
2.5.5. Prioritized Bug Fixes. When an Enterprise Support Request identifies a bug in any Gruntwork Service, provided that the bug can be systematically reproduced by either you or Gruntwork, Gruntwork will begin work to fix the bug within two (2) business days of receiving the Enterprise Support Request, subject to our availability per Section 2.6 and Section 2.7 below.
2.6. Availability. From time to time, for example on national holidays, no Gruntwork personnel may be available to handle Professional Support Requests or Enterprise Support Requests. In such case, Gruntwork will notify you of such days via the Newsletter. Gruntwork hereby agrees that it will limit business days on which no Gruntwork personnel are available to no more than fifteen (15) days per year.
2.7. No Emergency Support. GRUNTWORK DOES NOT WARRANT THAT ITS PERSONNEL WILL BE AVAILABLE ON SHORT NOTICE IN THE EVENT OF AN EMERGENCY. HANDLING AN INFRASTRUCTURE EMERGENCY SHALL REMAIN YOUR SOLE RESPONSIBILITY.
Reference Architecture Terms
Unless otherwise defined in these Reference Architecture Terms, capitalized terms will have the meaning given to them in the Terms.
1. Term and Termination
You may only receive Reference Architecture Services if you have a current and valid Gruntwork Subscription. Termination of your use of the Reference Architecture and these Reference Architecture Terms represents termination only of the Reference Architecture Services and these Reference Architecture Terms and will not affect any other Services to which you have subscribed.
2. Included Features
2.1. Reference Architecture Customization. To understand your architecture preferences, we will ask you to submit an online form that includes questions on how you desire to configure your infrastructure.
2.2. Reference Architecture. Gruntwork will design, implement and deploy a standardized architecture for use with the cloud provider (e.g. Amazon Web Services) that you selected during registration (the "Reference Architecture") based on the requirements you specify via an online form, verbal discussion, or other mutually acceptable means.
2.3. Reference Architecture. Gruntwork will design, implement and deploy a standardized architecture for use with the cloud provider (e.g. Amazon Web Services) that you selected during registration (the "Reference Architecture") based on the requirements you specify via an online form, verbal discussion, or other mutually acceptable means.
2.4. Code in Client Git Repos. The code for the Reference Architecture will be committed to your Git repositories.
CIS Compliance Terms
Unless otherwise defined in these CIS Compliance Terms, capitalized terms will have the meaning given to them in the Terms. You may only access and use the CIS Compliance product ("CIS Compliance") if you have a current and valid Gruntwork Subscription.
1. Term and Termination
You may only access and use the CIS Compliance Services (“CIS Compliance”) if you have a current and valid Gruntwork Subscription. Termination of your use of CIS Compliance and these CIS Compliance Terms in accordance with Section 5 of the General Terms represents termination only of CIS Compliance and these CIS Compliance Terms and will not affect any other Services to which you have subscribed.
2. Included Features
2.1. About CIS Compliance. CIS Compliance is designed to simplify the process of achieving compliance with the Center for Internet Security (“CIS”) AWS Foundations Benchmark (the “CIS AWS Foundations Benchmark”) and other such benchmarks for which Gruntwork may add support from time to time (together with the CIS AWS Foundations Benchmark, collectively, the “CIS Benchmark”). CIS Compliance provides you access to the Gruntwork CIS Compliance Git repositories (the “CIS Repos”) that contain code modules, working examples, standalone utilities, and automated tests (collectively, the “CIS Modules”).
2.2 CIS Compliance Features.
- CIS Repos — CIS Compliance gives you access to the CIS Repos and a license to use the CIS Modules (and the related submodules) in accordance with the License.
- Automated Tests — The CIS Repos give you access to automated tests that will help you continue to validate compliance with the CIS Benchmark even if you choose to fork the CIS Modules and make customizations.
- Updates — CIS Compliance provides you with access to all ongoing updates to the CIS Modules based on any new versions of the CIS Benchmark that are released by CIS.
2.3. CIS Compliant Reference Architecture. If you elect to purchase both the Reference Architecture and CIS Compliance, you may request, at no additional cost to you, that Gruntwork design, implement, and deploy a Reference Architecture that is intended to be compliant with as many of the requirements of the CIS Benchmark as is possible (the “CIS Reference Architecture”). Notwithstanding the foregoing, you acknowledge and agree that CIS Compliance, the CIS Modules and the CIS Reference Architecture may not be “fully” compliant with the CIS AWS Foundations Benchmark, as further described in Section 4.1 below.
2.4. CIS Compliance Support. You may submit a support request relating to CIS Compliance to Gruntwork (a “CIS Support Request”). CIS Support Requests may involve: (i) questions regarding compliance with the CIS Benchmark, how to use the CIS Modules, or questions regarding the CIS Reference Architecture, (ii) troubleshooting, and (iii) bug fixes. Gruntwork shall not be obligated to provide custom development in response to a CIS Support Request; provided, however, that Gruntwork, at its sole discretion, may offer to perform custom development for free (e.g., for bug fixes). Any Authorized User may submit a CIS Support Request using the applicable channels listed in Section 3 of the Support Terms.
2.5. Updates to CIS Compliance. Within one (1) calendar quarter after the calendar quarter in which CIS releases a new version of the CIS AWS Foundations Benchmark, Gruntwork shall commence work on updating CIS Compliance, the CIS Modules, and/or the CIS Reference Architecture to be compliant with as many of the requirements of the updated CIS AWS Foundations Benchmark as is possible, provided that any such updates to CIS Compliance, the CIS Modules and CIS Reference Architecture may not be “fully” compliant with the updated CIS AWS Foundations Benchmark, as further described in Section 4.1 below. Accordingly, Gruntwork will, from time to time, release new versions, features, bug fixes, security patches, automated tests, documentation, and other improvements to CIS Compliance, the CIS Modules, and/or the CIS Reference Architecture (collectively, “CIS Compliance Updates”). You are responsible for deploying any CIS Compliance Updates when they become available.
3. Compliance with CIS AWS Foundations Benchmark
The CIS Modules are certified by CIS for compliance with the CIS AWS Foundations Benchmark. Notwithstanding the foregoing, the CIS Modules and the CIS Reference Architecture do not guarantee compliance with every requirement under the CIS AWS Foundations Benchmark, including, without limitation, requirements that by their nature must be implemented or enforced by you or your team. As a result, the CIS Modules and the CIS Reference Architecture only ensure compliance with as many requirements of the CIS AWS Foundations Benchmark that are capable of being implemented by the CIS Modules or the CIS Reference Architecture, as applicable. For example, the CIS Modules and the CIS Reference Architecture cannot ensure compliance with the CIS AWS Foundations Benchmark requirement that none of your users use a “root account” because Gruntwork cannot force you to implement and enforce a “root account” policy. Therefore, in order to achieve “full” compliance with the CIS AWS Foundations Benchmark, you will need to independently implement and enforce certain requirements of the CIS AWS Foundations Benchmark.
4. Additional Provisions
4.1. Disclaimer of Warranties. In addition to the disclaimer of warranties in the Terms, Gruntwork will have no responsibility or liability of any kind arising or resulting from your failure to (a) comply with the CIS AWS Foundations Benchmark (or any updates thereto); (b) adequately validate compliance with the requirements of the CIS AWS Foundations Benchmark; or (c) independently implement and enforce certain requirements of the CIS AWS Foundations Benchmark.