DEVSECOPS Talks #9-2020 - Terraform in CI

The DevSecOps Talks Podcast

Player FM - Internet Radio Done Right

16 subscribers

הוסף לפני three שנים

תוכן מסופק על ידי Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin, Mattias Hemmingsson, Julien Bisconti, and Andrey Devyatkin. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin, Mattias Hemmingsson, Julien Bisconti, and Andrey Devyatkin או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

Tinfoil Swans

1
Encore: Will Poulter, Dave Beran, and The Bear 52:22

לפני 12 ימים52:22

הפעל מאוחר יותר

רשימות

לייק

אהבתי

52:22

Season 3 of the smash hit FX/Hulu show “The Bear” roared to life just days ago, but Will Poulter (the actor who plays fan-favorite Luca) and 2014 F&W Best New Chef Dave Beran had been prepping for weeks. Poulter — like his co-star Jeremy Allen White — staged with Beran at his Santa Monica restaurant Pasjoli to learn how to accurately portray a professional chef onscreen. The lessons went so well, Beran says he’d hire Poulter as a cook — even despite a messy mishap with a pastry bag. The two dished all about getting kitchen culture right on and offscreen, what it takes to be at the top of your craft, and the pure magic of a great restaurant service. Learn more about your ad choices. Visit podcastchoices.com/adchoices…

לפני 5 שנים 51:05

MP3•בית הפרקים

How do you start to implement a CI pipeline when dealing with infrastructure as code implemented via Terraform? What are the security concerns when the credentials to the whole kingdom are used in an automated process? In this episode, we discuss the various security and feasibility aspects of using Terraform in a CI pipeline.

We start the episode by catching up with what we’ve been working on. Feel free to skip to 11:52 if you want to go directly to the topic. Having an automated process to deploy and manage infrastructure has advantages such as fast feedback and collaboration. The code for the infrastructure is treated like an application that is versioned, tested, and deployed.

Show notes are available at https://devsecops.fm/episodes/terraform-in-ci/

80 פרקים

#Tech #Andrey Devyatkin #Julien Bisconti #Mattias Hemmingsson

DEVSECOPS Talks #9-2020 - Terraform in CI

The DevSecOps Talks Podcast

16 subscribers

published לפני 5 שנים

שתפו

MP3•בית הפרקים

Show notes are available at https://devsecops.fm/episodes/terraform-in-ci/

80 פרקים

#Tech #Andrey Devyatkin #Julien Bisconti #Mattias Hemmingsson

Alle Folgen

1
#80 - Understanding Passkeys: Benefits And Limitations 36:55

לפני 18 ימים36:55

36:55

Passkeys are gaining attention as a new way to log in without passwords. How do they work, and how do they compare to traditional multi-factor authentication (MFA)? In this episode, we explore the history of passwords, the strengths and weaknesses of common MFA methods, and the potential of passkeys to enhance security. What threats do passkeys mitigate, and what still remain? Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#79 - Going Local: What’S Driving The Move? 20:31

לפני 7 weeks20:31

20:31

Andrey, Paulina, and Mattias kick off a miniseries on European infrastructure. We talk about infrastructure providers' options across Europe, ask what really drives the move away from hyperscalers, and wonder whether the trade-offs make sense for most teams. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#78 - Building AI Tools For IaC Compliance 41:12

לפני 9 weeks41:12

41:12

In this guest episode, we chat with Davlet Dzhakishev, co-founder of Cloudgeni, who’s working on an AI-powered approach to fixing compliance issues in IaC. What’s the state of tools in this space? Where does his idea fit in? And how should we think about the relationship between compliance and security? Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#77 - Chaos Engineering Explained: Part 2 34:30

לפני 11 weeks34:30

34:30

Part two of our chaos engineering series is here! Join Andrey, Mattias, and Paulina as they talk through practical strategies for chaos engineering. Who should do it? How can you start? And what are the essential prerequisites? Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#76 - Chaos Engineering Explained: Part 1 26:29

לפני 13 weeks26:29

26:29

Chaos engineering—is it really chaos, or something more structured? Andrey, Paulina, and Mattias talk about what chaos engineering means, how it started, and why you might already be using it unintentionally. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#75 - Learning from the Crisis: Post-Incident Actions 24:18

לפני 14 weeks24:18

24:18

This is the final episode of our three-part series on incident response. We focus on what happens after the dust settles. How do you learn from what went wrong and avoid repeating it? Tune in to hear our top recommendations. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#74 - From Preparation To Execution: Handling An Active Incident 27:50

לפני 17 weeks27:50

27:50

What keeps an incident from spiraling out of control? How can you organize your team on the spot? We continue our series on incident response, moving from preparation to real-time actions. Mattias shares key points from his course. Listen to learn how we handle incidents step by step. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#73 - Incident Response: Key Preparations You Need 38:23

לפני 20 weeks38:23

38:23

Incident response can be complex, but where do you start? Andrey, Mattias, and Paulina dive into the preparation steps you need to take. Mattias shares his expertise from teaching an incident response course. What’s their top recommendation? Listen and find out! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#72 - AWS Resource Control Policies (RCPs) 21:25

לפני 21 weeks21:25

21:25

We are looking into recently announced AWS Resource Control Policies. What are they? How are they different from Service Control Policies? What is a Data Perimeter? Tune in to find out! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#71 - Unpacking The Dora Accelerate State Of Devops Report 40:49

לפני 24 weeks40:49

40:49

In this episode, Andrey, Mattias, and Paulina break down the new DORA Accelerate State of DevOps report. What’s changed since the last report? What do these insights mean for your team? Tune in for our insightful conversation! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#70 - System Initiative Goes Ga 40:26

לפני 27 weeks40:26

40:26

Andrey, Mattias, and Paulina are joined by Paul Stack, an IaC tools developer and a frequent guest on the show. He’s back to discuss the general availability of System Initiative and share what has changed since his last visit when they talked about the early beta of the tool. Will this be a revolution or evolution in Infrastructure as Code tooling? Do we really need collaborative infrastructure management tools? Tune in to find out! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#69 - Who Is Paulina? 42:16

לפני 30 weeks42:16

42:16

Join Andrey and Mattias as they sit down with Paulina Dubas, an independent DevOps consultant and public speaker. Who is Paulina, and what experiences does she bring to the table? What topics particularly resonate with her? Tune in to learn more about Paulina since we have a feeling that she is here to stay Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#68 - Julien’s Last Episode? 27:16

לפני 33 weeks27:16

27:16

Julien shares big news with co-hosts Mattias and Andrey. What led to his decision to step down? And what does the future hold for him? Tune in for the off-boarding interview as we look back at the past four years and 60+ episodes we did together! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#67 - Building MVP On AWS 29:53

לפני 35 weeks29:53

29:53

Join Andrey, Julien, and Mattias in this episode of DevSecOps Talks as they delve into building Minimum Viable Products (MVPs) and selecting the best solutions for them. Andrey goes first and, as an AWS consultant, kicks off the discussion by outlining his preferred AWS services for MVP development. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#66 - Multi-Account Strategy And Landing Zones: Account Segmentation Approaches For Security And Efficiency On AWS 58:14

לפני 1 year58:14

58:14

In this episode of DevSecOps Talks, co-hosts Andrey, Julien, and Mattias are joined by AWS Consultant Fernando Gonçalves to explore the complexities of AWS organization and account segmentation. Get insights into the debate over development, stage, and production accounts versus micro-segmentation. Don’t miss Julien's take on why he believes staging is a waste of time and money, as well as Fernando’s explanation of what the AWS Landing Zone is. Learn about the tools provided by AWS for multi-account management and the pros and cons of various account segmentation approaches. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
#65 - Understanding Nats: An Explainer Of Its Features And Capabilities 37:18

לפני 1 year37:18

37:18

Join Andrey, Julien, and Mattias in this episode of DevSecOps Talks as they discuss Nats.io, a messaging system popular among people building on top of Kubernetes. Julien explains how Nats is different from Kafka and shares his personal experience with the product. The hosts discuss the various use cases of Nats and explore its features and capabilities. Tune in to find out if Nats is the right messaging system for you! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #64 - From Terraform To Opentofu: Story From The Trenches 39:40

לפני 1 year39:40

39:40

In this episode of DevSecOps Talks, Andrey and Mattias are joined by Timur Bublik, Platform Engineering Lead at TIER Mobility. As always, it's practitioners for practitioners as they discuss the migration from Terraform to OpenTofu, TACOS tools, and how SpaceLift is used in Timur's organization. Listen in as they dive into their three favorite features of SpaceLift and how TACOS tools like SpaceLift fit into the classic CI/CD pipeline. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #63 - Yet Another AI Episode 34:36

לפני 1 year34:36

34:36

Julien has returned with some exciting AI news. A startup has made the bold claim that they are capable of building AI software engineer. Andrey shares details about another startup that generates infrastructure based on application source code. He also mentions his upcoming talk on the use of LLM-based tools. We also discuss how individuals can stay ahead of the curve and be prepared for changes in their work life. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #62 - The DevSecOps Perspective: Key Takeaways From Re:Invent 2023 33:22

לפני 1 year33:22

33:22

In this episode of DevSecOps Talks, Andrey and Mattias discuss the latest announcements from re:Invent 2023 that are most relevant to DevSecOps practitioners. Which announcements are worth paying attention to? What are the implications for the DevSecOps community? Join us as we dive into the latest developments from AWS. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #61 - GitHub Actions And Evolution Of CI/CD Tools 46:21

לפני 1 year46:21

46:21

Andrey has been exploring GitHub Actions and has some insights to share. How have CI/CD solutions transformed over time, and what innovations do GitHub Actions bring to the table? Julien drops a few tools that could be useful for GitHub Actions users. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #60 - ChatGPT Anniversary: Where Are We With AI In Our Everyday Work 41:37

לפני 1 year41:37

41:37

Welcome to the first DevSecOps Talks episode of the new year! It's been a whole year since ChatGPT hit the scene – but how has AI adoption shaped our world since then? Join Julien, Mattias, and Andrey as they dive into the impact of AI on their workflows. How have their daily tech tools and practices evolved with AI integration? Plus, Julien gives us an insider's look at running models locally. Are these AI tools enhancing our efficiency? Tune in to find out how these advancements are reshaping the landscape of DevSecOps. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #59 - Migration Off The Cloud: To Leave or Not to Leave? 29:41

לפני 1 year29:41

29:41

Is the grass greener outside the cloud? This episode dives into the trend of companies (notably Hey and Dropbox) migrating away from cloud services. Why are they leaving, and who would benefit from such a move? We also scrutinize the common belief that public clouds are overly expensive. Join us as we dissect various cloud cost optimization tools and techniques. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #58 - AWS CDK with Igor Soroka 40:03

לפני 1 year40:03

40:03

You know our fondness for Terraform, but we are also open to exploring other tools. This episode is no different. We are joined by Igor Soroka, an expert in AWS serverless technology whose tool of choice is AWS CDK, but at the same time, he is no stranger to Terraform. We ask him practical questions about the tool and get answers based on his experience applying it to real-life projects. If you have been curious about CDK, how it functions, and if it's appropriate for you, then tune in to learn more. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #57 - Terraform Best Practices with Ben Goodman 36:38

לפני 2 years36:38

36:38

In this episode, Mattias is joined by Ben Goodman, the founder of dragondrop.cloud, a platform that offers Terraform Best Practices as a Pull Request. They discuss the best workflows for Terraform, open-source tools that can be used in conjunction with Terraform, the most effective best practices, and common pitfalls to avoid when implementing infrastructure as code using Terraform. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #56 - Backstage and Internal Development Platforms (IDP) 36:02

לפני 2 years36:02

36:02

In this episode of DevSecOps Talks, join Andrey, Julien, and Mattias as they dive into the world of Backstage, the notable internal development platform. Mattias is keen to peel back the layers and understand what makes people think of Backstage as a must-have in modern DevOps toolchains. Andrey highlights the platform's core feature: a comprehensive registry that keeps track of every software service running within a company. Could this signify a revival of IT change management, but with a twist? We've moved on from the days of cumbersome ticketing systems to streamlined internal development platforms. The team also ponders the future role of infrastructure engineers as they navigate the rising tides of AI—will AI become the new face behind these developer portals? Tune in to find out! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #55 - Unpacking System Initiative with Paul Stack 57:47

לפני 2 years57:47

57:47

Our dialogue with Paul Stack resumes on DevSecOps Talks, almost two years after our initial podcast about his work on Pulumi (episode 25). As a warm-up, we talk about what prompted his move from Pulumi and his take on Open Terraform drama. The main topic of the episode is Paul's current focus, System Initiative; we probe into its purpose, the progress so far, and the promise it holds for redefining how we think of doing Infrastructure as Code and DevSecOps workflows in general. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #54 - HashiCorp’s BSL Move and OpenTF: What DevSecOps Practitioners Need to Know 33:36

לפני 2 years33:36

33:36

In this episode of DevSecOps Talks, we dive deep into HashiCorp's recent shift to the Business Source License and its implications. Join Andrey, Julien, and Mattias as they unpack what this means for practitioners and explore the timeline of OpenTF initiative. Stay informed about what comes ahead with our latest discussion. Tune in! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #53 - Open Software Supply Chain Attack Reference Framework with Neatsun 49:22

לפני 2 years49:22

49:22

We had the opportunity to talk with Neatsun Ziv, one of the founders of Ox Security, about the Open Source Software Supply Chain Attack Reference Framework ( https://pbom.dev ). We delved deeper into possible attack vectors and explored ways to mitigate some of them. During our discussions, we also had a couple of unusual takes on supply chain security. If you are looking to understand the Open Source Software Supply Chain, then this episode is perfect for you. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #52 - Lingon a.k.a Juliens and Jacobs open source project 37:32

לפני 2 years37:32

37:32

This time we got to talk about Lingon, an open-source project developed by Julian and Jacob who is a frequent podcast guest. Discover the motivations behind Lingon's creation and how it bridges the gap between Terraform and Kubernetes. Learn how Lingon simplifies infrastructure management, tackles frustrations with YAML and HCL, and offers greater control and automation. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #51 - Provisioning bare-metal servers 48:56

לפני 2 years48:56

48:56

Diving into the world of bare-metal servers, Mattias takes the helm solo for this episode. He's accompanied by special guests Michael Wagner and Ian Evans from Metify, the company that powers Mojo - a leading platform for bare-metal provisioning automation. While we often chat about the big cloud service providers, this time we're switching gears. If you've been curious about how real-world, physical servers are set up and managed, this episode is just for you. Join Mattias, Michael, and Ian as they dive into the nuts and bolts of setting up servers - a topic that Mattias is super passionate about. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.…

ברוכים הבאים אל Player FM!

Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.