Presented at Cloud Native @Scale Meetup on June 30, 2021.
When you use cloud infrastructure, you might find yourself accidentally applying a configuration for an open storage bucket, unencrypted queue, or unrestricted access control. At worst, these misconfigurations can be exploited by bad actors. At best, they get duplicated across an organization without anyone knowing better. Over time, this duplication becomes painful to manage as more teams collaborate on infrastructure, systems grow more complex, and new audit requirements come to light. How do you know your application and infrastructure configurations adhere to compliance and security standards? In this talk, you'll learn how to scale your policy as code for cloud infrastructure. We'll get hands-on with a combination of static and dynamic analysis to implement rules that automatically verify the security and compliance of your configurations as part of your development lifecycle.