Securing Your Infrastructure as Code Pipeline
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the security and compliance benefits of implementing a uniform platform interface for Infrastructure as Code (IaC) solutions in this 33-minute conference talk by Jesse Sanford from Autodesk. Learn how to achieve a strong separation of concerns between platform engineers and product teams, enabling the integration of common fundamentals and non-negotiables. Discover how to enforce guard rails using static analysis tools and RBAC to create walled garden ecosystems of trusted IaC. Gain insights into Autodesk's cloud deployment platform capabilities, including the use of Open Policy Agent, in-toto, Sigstore's suite, Crossplane, and other tools. Understand how to structure CI and CD systems for inspectable, verifiable, and trustable IaC pipelines. Delve into topics such as cryptographically verifiable IaC package signing, static analysis of IaC plans, and deploy-time policy enforcement. Acquire knowledge of open-source tools and patterns that can enhance both velocity and safety in platform engineering.
Syllabus
Securing Your Infrastructure as Code Pipeline - Jesse Sanford, Autodesk
Taught by
Linux Foundation
Tags
Related Courses
Introduction to Crossplane - Cloud Native Infrastructure ManagementRawkode Academy via YouTube Platform Engineering on Kubernetes
GOTO Conferences via YouTube Crossplane - Unifying Cloud Service Provisioning and Management - Mirantis Labs Tech Talks
Mirantis via YouTube Enabling Developers in a Multi-Cloud World
GOTO Conferences via YouTube Enable Developer Self-Service Using Kubernetes and Control Planes Powered by Crossplane
Linux Foundation via YouTube