Workshop: Exploring Policy as Code for Cloud Infrastructure

How do you check for security requirements while you build your cloud
infrastructure?

In this workshop, we'll walk through how to use policy as code to
deliver and release an immutable machine image with security in mind.

Learn to use static analysis to check provisioning scripts for security requirements. Then, you'll construct a secure image with Packer. Finally, you'll create a test server with Terraform and dynamically analyze the server runtime for vulnerabilities.

Bring your own machine and make sure you install the prerequisites listed at https://github.com/tracypholmes/policy-as-code-workshop

OUR INSTRUCTORS: Tracy P Holmes & Rosemary Wang

Tracy P Holmes is a "jackie of all trades" (and mistress of being herself)! Tracy is an Open Source Engineer at VMware where she focuses on container build and distribution transparency. Prior to her time at VMware, she worked on HashiCorp’s Terraform tool - as a Software Engineer and as a Developer Advocate. When she isn't speaking or levelling up her programming skills in Go or Python, she likes baking, volunteering, hanging with her pup, and reading mysteries. She is a strong believer that open source is like gardening - pay attention to your conditions, and water only when needed.

Rosemary Wang is a developer advocate at HashiCorp. She has a fascination for solving intractable problems with code, whether it be helping an infrastructure engineer learn to code or an application developer troubleshoot infrastructure failures. Besides coding and writing, Rosemary has spoken and run workshops at Grace Hopper Celebration, O’Reilly Software Architecture and Velocity, Women
Who Code events, and more. For her technical and speaker portfolio, check out https://joatmon08.github.io/.