Cloud service providers allow users to assign metadata to their cloud resources in the form of tags. Each tag is a simple label consisting of a customer-defined key and a value that can make it easier to manage, search for, and filter resources. Although there are no inherent types of tags, they enable customers to categorize resources by purpose, owner, environment, or other criteria.
Tags can be used for security, cost allocation, automation, console organization, access control, and operations.
On this show, we will review a new way to automate tags attribution in your CI/CD pipeline and AWS. We will also take a look at a new open-source tool to help us implement tagging best practices.
OUR GUEST: BARAK SCHOSTER
Barak Schoster (@BarakSchoster) is a Sr Dir, Chief Architect at Palo Alto Networks, working to make cloud security and DevOps processes simpler.
Barak is an open-source enthusiast based in Tel Aviv, creator of the open-source projects Checkov, AirIAM, Terragoat, and contributor to other open-source projects.
Previously, Barak was the CTO and Co-Founder of Bridgecrew (acquired by Palo Alto Networks) and held various engineering and leadership roles at RSA, Fortscale, and IDF C4I & Cyber Security Directorate.
How do you check for security requirements while you build your cloud infrastructure?
In this workshop, we'll walk through how to use policy as code to deliver and release an immutable machine image with security in mind.
Learn to use static analysis to check provisioning scripts for security requirements. Then, you'll construct a secure image with Packer. Finally, you'll create a test server with Terraform and dynamically analyze the server runtime for vulnerabilities.
Tracy P Holmes is a self-proclaimed "jackie of all trades" (and mistress of being herself). Tracy has experienced both sides of HashiCorp’s Terraform - as a Software Engineer and now a Developer Advocate. When she isn't speaking or levelling up her programming skills to make the Terraform ecosystem even better, she likes baking, volunteering, hanging with her pup, and reading mysteries. She is a strong believer that open source is like gardening - pay attention to your conditions, and water only when needed.
Rosemary Wang is a developer advocate at HashiCorp. She has a fascination for solving intractable problems with code, whether it be helping an infrastructure engineer learn to code or an application developer troubleshoot infrastructure failures. Besides coding and writing, Rosemary has spoken and run workshops at Grace Hopper Celebration, O’Reilly Software Architecture and Velocity, Women Who Code events, and more. For her technical and speaker portfolio, check out https://joatmon08.github.io/.