Compliance At Scale: Hardened Terraform Modules at Morgan Stanley

  • Published on 14 Oct 2024
  • Morgan Stanley has been implementing secure Terraform modules that enforce our cloud security controls by default. The end goal is to allow free development of CSP accounts and resources using these modules without requiring additional security review.
    This is achieved by defining secure defaults for the various Terraform resources, preventing freeform creation of resource-based and identity-based policies, and deriving values from the Terraform or CSP environment instead of allowing user input.
    Our enforcement process is Sentinel-based, including rules that block direct creation of Terraform resources and limit users to the secure modules in our PMR.
    Additional code samples and context sent to our account rep, Dmitry Ostrovsky.
    Speakers: Brett Tegart and Itay Cohai
    #InfrastructureAsCode #Terraform #AWS
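
The rule described above (no directly declared resources, only modules from the private registry) can be sketched as a check over the JSON form of a plan. This is an added example, not Morgan Stanley's or HashiCorp's policy code: it uses Python over `terraform show -json` output rather than Sentinel, and the registry prefix, function names and sample plan are assumptions made for illustration.

```python
import re

# Assumption: placeholder registry prefix for the approved modules (not from the talk).
APPROVED_PREFIX = "app.terraform.io/example-org/"

def top_level_module(module_address):
    """'module.net[0].module.sub' -> 'net'; None for resources in the root module."""
    m = re.match(r"module\.([^.\[]+)", module_address or "")
    return m.group(1) if m else None

def find_violations(plan, approved_prefix=APPROVED_PREFIX):
    """Return one message per managed resource created or updated outside an approved module."""
    calls = plan.get("configuration", {}).get("root_module", {}).get("module_calls", {})
    violations = []
    for rc in plan.get("resource_changes", []):
        if rc.get("mode") != "managed":
            continue  # data sources only read
        if not {"create", "update"} & set(rc.get("change", {}).get("actions", [])):
            continue  # no-op and delete do not introduce unreviewed configuration
        top = top_level_module(rc.get("module_address"))
        if top is None:
            violations.append(f"{rc['address']}: declared directly in the root module")
            continue
        source = calls.get(top, {}).get("source", "")
        if not source.startswith(approved_prefix):
            violations.append(f"{rc['address']}: module.{top} source {source!r} is not approved")
    return violations

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = {
    "configuration": {"root_module": {"module_calls": {
        "bucket": {"source": "app.terraform.io/example-org/s3-bucket/aws"},
        "legacy": {"source": "git::https://example.com/legacy-vpc.git"},
    }}},
    "resource_changes": [
        {"address": "module.bucket.aws_s3_bucket.this", "module_address": "module.bucket",
         "mode": "managed", "change": {"actions": ["create"]}},
        {"address": "aws_iam_policy.freeform", "mode": "managed",
         "change": {"actions": ["create"]}},
        {"address": "module.legacy[0].aws_vpc.main", "module_address": "module.legacy[0]",
         "mode": "managed", "change": {"actions": ["delete", "create"]}},
        {"address": "data.aws_caller_identity.current", "mode": "data",
         "change": {"actions": ["read"]}},
    ],
}

if __name__ == "__main__":
    for v in find_violations(SAMPLE_PLAN):
        print("DENY", v)
```

Only the top-level module call is checked, since modules nested inside an approved module are part of that module's reviewed code.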
