How To Fight Misconfiguration And Bad Intentions

How To Fight Misconfiguration And Bad Intentions With Kubernetes Validating Admission Policy And Crossplane.

Sometimes we make mistakes unintentionally while, at other times, bad actors try to exploit our systems. No matter the reason, misconfigurations can lead to security breaches, data loss, or even bring the whole system down. We may never be able to prevent all of these, but we can certainly minimize the risk by applying policies to infrastructure, services, and applications. The primary weapon in this fight is Policy-as-Code tools combined with Internal Developer Platforms.

In this talk, we'll build an Internal Developer Platform (IDP) and combine it with policies. As a result, we will not only enable developers to define and manage their applications and infrastructure, but we will also ensure that they are "doing the right thing" by guiding them with policies.

We'll use Crossplane to build an IDP that will allow developers to define their infrastructure and applications. We'll also use Validating Admission Policy to define policies that will guide them to define the resources they need, help them avoid making mistakes, and ensure that even malicious actors won't be able to exploit the system.

Benefits To The Ecosystem
Platform Engineers will be able to design the platform in a way that will allow developers to define their infrastructure and applications in a simple and consistent way.
Developers will be able to define their infrastructure and applications in a simple and consistent way.
Developers will be able to define policies that will guide them to define the resources they need, help them avoid making mistakes, and ensure that even malicious actors won't be able to exploit the system.

About the speaker
Viktor Farcic is a Developer Advocate at Upbound, a member of the Google Developer Experts, GitHub Stars, And CD Foundation groups, and published author.
His big passions are DevOps, Containers, Kubernetes, Microservices, Continuous Integration, Delivery and Deployment (CI/CD) and Test-Driven Development (TDD).
He often speaks at community gatherings and conferences.
He published The DevOps Toolkit Series (https://www.devopstoolkitseries.com/), DevOps Paradox (https://amzn.to/2myrYYA) and Test-Driven Java Development (http://www.amazon.com/Test-Driven-Java-Development-Viktor-Farcic-ebook/dp/B00YSIM3SC).
His random thoughts and tutorials can be found in his blog TechnologyConversations.com.
He the host of DevOps Toolkit (https://youtube.com/@DevOpsToolkit) YouTube channel and a co-host of DevOps Paradox (https://www.devopsparadox.com/) podcast.