Relying on post-provisioning updates and customization can only take you so far. Baking in security fixes, compliance and configuration as part of your OS image eliminates the attack window while your image is insecure (post provisioning), speeds up the end-to-end provisioning process, and can even be used to setup an 'immutable' design.

Mihai Criveti and Elif Samedin will provide an end-to-end demo of a Terraform, Vault, and Packer-based CI/CD workflow for building secure and compliant OS images. Triggering Ansible and OpenSCAP for OS image compliance and post-install steps.

Speaker: Mihai Criveti
GitHub: @crivetimihai
Twitter: @CrivetiMihai

Speaker: Elif Mosessohn-Samedin
GitHub: @UnfriendlyGrinch
Twitter: @elifsamedin

#Terraform #AWS #ImmutableInfrastructure

If you liked this video and want to see more from HashiCorp, subscribe to our channel: [ Ссылка ]

To learn more, visit our hands-on interactive lab environment, HashiCorp Learn: [ Ссылка ]

HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, Nomad, Boundary, and Waypoint allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices.

For more information, visit: www.hashicorp.com or follow us on social media:
Twitter: @hashicorp
LinkedIn: [ Ссылка ]
Facebook: [ Ссылка ]

свернуть