Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing the Future: A Walkthrough of Pulumi an...

Ringo
PRO
June 19, 2023
Technology
0
26

Securing the Future: A Walkthrough of Pulumi and Policy-as-Code for Robust Kubernetes Clusters

In this dynamic and engaging meetup, we will dive into the cutting-edge realm of Infrastructure as Code (IaC) by demonstrating how Pulumi can be wielded to efficiently orchestrate Kubernetes clusters.
Pulumi, a modern IaC tool, not only supports multiple languages but also integrates seamlessly with Kubernetes. However, building and deploying is just half the story. As security and compliance become paramount in the cloud, incorporating policies as code alongside infrastructure is vital.
Through live demos and hands-on examples, this session will unravel how to amalgamate Pulumi with Open Policy Agent (OPA), a CNCF project, to enforce fine-grained, context-aware policies.

CloudNative Prague Meetup

Ringo
PRO

June 19, 2023
Tweet

More Decks by Ringo

See All by Ringo
Scaling Infrastructure with Pulumi
ringods
PRO
0
12
Power to the People: Combine Imperative with Declarative aspects
ringods
PRO
0
180
Infrastructure as Code
ringods
PRO
0
53
Container runtimes & cost
ringods
PRO
0
37
What to expect in Terraform 0.12?
ringods
PRO
0
80
Terraform Provider Development
ringods
PRO
0
90
Vault: Unified Operational Access
ringods
PRO
0
29
What is DevOps?
ringods
PRO
0
44

Other Decks in Technology

See All in Technology
ハイパーパラメータチューニングって何をしているの
toridori_dev
0
140
安心してください、日本語使えますよ―Ubuntu日本語Remix提供休止に寄せて― 2024-11-17
nobutomurata
1
990
Application Development WG Intro at AppDeveloperCon
salaboy
0
180
透過型SMTPプロキシによる送信メールの可観測性向上: Update Edition / Improved observability of outgoing emails with transparent smtp proxy: Update edition
linyows
2
210
CysharpのOSS群から見るModern C#の現在地
neuecc
2
3.1k
[CV勉強会@関東 ECCV2024 読み会] オンラインマッピング x トラッキング MapTracker: Tracking with Strided Memory Fusion for Consistent Vector HD Mapping (Chen+, ECCV24)
abemii
0
220
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
3.2k
Making your applications cross-environment - OSCG 2024 NA
salaboy
0
180
Taming you application's environments
salaboy
0
180
【Startup CTO of the Year 2024 / Audience Award】アセンド取締役CTO 丹羽健
niwatakeru
0
960
Amazon CloudWatch Network Monitor のススメ
yuki_ink
1
200
信頼性に挑む中で拡張できる・得られる1人のスキルセットとは?
ken5scal
2
530

Featured

See All Featured
Navigating Team Friction
lara
183
14k
Visualization
eitanlees
145
15k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
169
50k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
364
24k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5k
The Pragmatic Product Professional
lauravandoore
31
6.3k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
8
860
Docker and Python
trallard
40
3.1k
10 Git Anti Patterns You Should be Aware of
lemiorhan
654
59k
Art, The Web, and Tiny UX
lynnandtonic
297
20k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
47
2.1k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
250
21k

Transcript

  1. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved Ringo De

    Smet Customer Experience Architect 19 June 2023

  2. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved

  3. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved 3 Architecture

    SCM Team Foundation Data Network Others IDEs Tools Packages Build Deploy Manage

  4. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved 4 Multi-Cloud

    Infrastructure as Code BUILD, DEPLOY, AND MANAGE ANYWHERE WITH A STANDARD WORKFLOW Cloud Native Clouds Core Features: • Any Cloud, Any Language • State Management • Secrets Management • Guaranteed Preview Plans • CI/CD Integrations • Webhooks • REST API • Automation API • Dashboards and Reports Infra Providers

  5. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved 5 Pulumi

    - High Level View • Pulumi Architecture • Language Host • CLI & Engine • Providers • State Backend •Pulumi Service •Cloud Storage (S3, …)

  6. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved 6 Pulumi

    - High Level View • Automate your infrastructure setup with 1 or more Pulumi projects • A project contains • a program: this is your “template” from which you can create stacks • the stacks: each stack is an “instance” of the program • One project can use info from another project as input

  7. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved

  8. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved

  9. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved 9 Pulumi

    - ComponentResource Language Host Pulumi CLI & Engine Pulumi Provider (e.g. aws) $ pulumi up runtime: nodejs Start Network + children provider: aws Start CREATE …

  10. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved 10 Pulumi

    - Multi Language Components

  11. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved 11 Pulumi

    - Multi Language Component Language Host Pulumi CLI & Engine Pulumi Provider (e.g. aws) $ pulumi up runtime: nodejs Start i80.nw.Network provider: aws Start CREATE … MLC (e.g. acme) Start Nw resources

  12. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved

  13. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved

  14. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved

  15. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved 15

  16. Pulumi Confidential. © 2023 Pulumi. All Rights Reserved @ringods @[email protected]

    • https://www.pulumi.com/docs • https://www.pulumi.com/blog • https://www.pulumi.com/registry