Explore strategies for enabling and securing self-serve cloud infrastructure in large organizations using Kubernetes. Learn how to overcome challenges associated with Enterprise Security Architectures and Infrastructure as Code (IAC) pipelines when teams provision infrastructure through Kubernetes. Discover how to implement policy engines like Kyverno to secure a model that utilizes Kubernetes native and hosted cloud controllers, such as Crossplane, for infrastructure provisioning. Gain insights into enforcing compliance and security requirements centrally while allowing application teams to self-serve. Examine an open-source library of policies integrated with OSCAL for commonly used AWS services, aligned with NIST800-53 controls. Understand how this approach simplifies the developer experience by enabling dynamic generation of cloud resources with secure defaults, while facilitating auditing by compliance teams.
Avoiding IAC Potholes with Policy and Cloud Controllers
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Avoiding IAC Potholes with Policy + Cloud Controllers - Andrew Martin, ControlPlane
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Cloud Governance with Infrastructure as Code Using Kyverno and Crossplane
-
Automate Production-Ready Cluster Using Crossplane Compositions and Kyverno
-
AWS Cloud Quest: Security
-
Securing the IaC Supply Chain
-
Kubernetes Policy Management with Kyverno 1.9
-
Cloud Native Live - Policy-Based Resource Optimization with Kyverno
