Episode Player
Securing Infrastructure-as-code in CI/CD Pipelines
The Pipeline: All Things CD & DevOps Podcast by The CD Foundation
The Pipeline: All Things CD & DevOps Podcast by The CD Foundation
Securing Infrastructure-as-code in CI/CD Pipelines
May 14, 2021
Season 2
Episode 17
Jacqueline Salinas, Director of Ecosystem & Community Development
Guest Speaker: Yoni Leitersdorf
You want to catch security issues in your cloud infrastructure before deployment but you don’t have a lot of time to spend on it.
What is infrastructure as code (IaC) security? How do you inject IaC security into the CI/CD pipeline to catch security risks before deployment? How do you do that without impacting the pipeline and frustrating developers?
You will also learn how we catch common security issues in CI such as:
- Privilege escalation in AWS due to overly permissive IAM permissions
- Drift issue caused by someone changing a security group leading to exposures
- Sharing IAM roles for resources in public and private subnets may not be a good idea
Yoni has successfully implemented IaC security in their CI/CD pipeline at Indeni. He will share best practices and tips to get IaC security implemented quickly.
