Slide 1

Slide 1 text

Clean and Secure Infrastructure as Code
DevSecCon Lightning 2021
Mario-Leander Reimer, @LeanderReimer, qaware.de
“To Boldly Go Where No Cloud Engineer Has Gone Before”

Slide 2

Slide 2 text

Mario-Leander Reimer
Principal Software Architect
@LeanderReimer #cloudnativenerd #qaware
https://speakerdeck.com/lreimer/
https://github.com/lreimer/

Slide 3

Slide 3 text

Three views of software architecture define the fields of clean code, clean architecture, quality assurance and security. QAware | 3

Slide 4

Slide 4 text

The security architecture of a system defines how to secure the individual views of the overall architecture.

Diagram labels: Security Targets; Security Requirements; External Sources: OWASP Top 10, BSI, DSGVO; Security Architecture; (Secure), (Secure), (Secure)

Slide 5

Slide 5 text

The infrastructure, with its technologies and frameworks, as well as the responsibilities, have changed.

Slide 6

Slide 6 text

The architecture and code for our infrastructure also need to address several -ilities for good software quality.

Software Product Quality (ISO 25010)
● Maintainability: Modularity, Reusability, Analysability, Modifiability, Testability
● Portability: Adaptability, Installability, Replaceability
● Security: Confidentiality, Integrity, Non-repudiation, Authenticity, Accountability
● Reliability: Maturity, Availability, Fault Tolerance, Recoverability
● Compatibility: Co-existence, Interoperability
● Efficiency: Time Behaviour, Resource Utilization, Capacity
● Functional Suitability: Completeness, Correctness, Appropriateness
● Usability: Operability, Learnability, UI Aesthetics, Accessibility

Slide 7

Slide 7 text

Infrastructure as Code in the wild

Slide 8

Slide 8 text

Trial and error seems to be the predominant approach to getting infrastructure code up and running.

● Write some code → Run code → Write some code → Run code → Write some code → Run code → ?
● Write Dockerfile → docker build → docker run → Change Dockerfile → docker build → docker run → Change Dockerfile → docker build → docker run → ?
● Write K8s YAML → kubectl apply → Change K8s YAML → kubectl apply → Change K8s YAML → kubectl apply → ?
● Write Terraform Definition → terraform apply → Change Terraform Definition → terraform apply → Change Terraform Definition → terraform apply → ?

commit

Slide 9

Slide 9 text

Infrastructure as Code without tests is broken by default!

Slide 10

Slide 10 text

Many of the principles of clean code and architecture apply to infrastructure code to make it maintainable and secure.

Slide 11

Slide 11 text

KISS: Keep it Simple, Stupid.

Emergent Design and Evolutionary Architecture: https://de.slideshare.net/ThoughtWorks/neal-ford-emergent-design-and-evolutionary-architecture

Slide 12

Slide 12 text

SoC: Separation of Concerns.

Modules, layers and components. Loose Coupling and High Cohesion.

Slide 13

Slide 13 text

DRY: Don’t Repeat Yourself.

“Every piece of knowledge or logic must have a single, unambiguous representation within a system.”
Andy Hunt & Dave Thomas, “The Pragmatic Programmer”

Slide 14

Slide 14 text

S O L I D

Slide 15

Slide 15 text

Single Responsibility Principle
Open Closed Principle
Liskov Substitution Principle
Interface Segregation Principle
Dependency Inversion Principle

Slide 16

Slide 16 text

Clean Code

Good overall summary can be found at https://gist.github.com/wojteklu/73c6914cc446146b8b533c0988cf8d29

General
1. Follow standard conventions.
2. Keep it simple stupid. Simpler is always better. Reduce complexity as much as possible.

Design
1. Keep configurable data at high levels.
2. Prevent over-configurability.
3. Use dependency injection.

Understandability
1. Be consistent. If you do something a certain way, do all similar things in the same way.
2. Use explanatory variables.
3. Avoid negative conditionals.

Names
1. Don’t be funny.
2. Choose descriptive and unambiguous names.
3. Use pronounceable names.
4. Use searchable names.

Comments
1. Always try to explain yourself in code.
2. Don't be redundant.
3. Don't add obvious noise.
4. Don't comment out code. Just remove.
5. Use as clarification of code.
6. Use as warning of consequences.

Tests
1. Fast.
2. Independent.
3. Repeatable.
4. Self-validating.
5. Timely.

Source Code
1. Keep lines short.
2. Use white space to associate related things and disassociate weakly related.
3. Don't break indentation.
4. Dependent definitions should be close.
5. Structure should clearly express modules, layers, components or conceptual architecture.

Data Structures
1. Prefer data structures.
2. Hide internal structure.
3. Should be small.
4. Small number of variables.

Slide 17

Slide 17 text

The conceptual architecture of your infrastructure will have a significant impact on the source code structure and security.

■ Which cloud regions do we need to run in?
■ Which parts of the infrastructure and system need to be replicated?
■ How do we model environments (INT; PROD)? VPCs? K8s Namespace?
■ Which network level controls are required?
■ Which layers and components are required and what are their dependencies?
■ How does the data flow between them?
■ How do we structure the Git repositories and source code to represent the components?

Slide 18

Slide 18 text

Decide early on the technologies, tools and frameworks you intend to use. Less is more!

Diagram layers:
● IaaS (AWS EC2, NLB, ALB, ...)
● CaaS (Amazon Elastic Kubernetes Service)
● PaaS (Software Infrastructure Blueprints with Helm and Continuous Delivery Toolchain)
● Application-specific Software Infrastructure
● Cloud-friendly & cloud-native Applications

Diagram phases: Architect, Build, Run

Services and tools shown: Amazon SNS, Amazon CloudWatch, AWS IAM, Amazon EC2, Amazon EBS, Amazon S3, Amazon Route 53, Amazon VPC, Atlantis

Slide 19

Slide 19 text

Demos and Examples https://github.com/qaware/clean-infrastructure-as-code

Slide 20

Slide 20 text

qaware.de
QAware GmbH, Aschauer Straße 32, 81549 München
Tel. +49 89 232315-0
twitter.com/qaware
linkedin.com/company/qaware-gmbh
xing.com/companies/qawaregmbh
slideshare.net/qaware
github.com/qaware