Securely deploying Infrastructure as Code - Chris Ayers - NDC Security 2023
About this talk
We routinely scan our code for vulnerabilities, but what about our infrastructure? Our infrastructure as code can have as many secrets as our codebase. Many organizations are using Terraform with automated pipelines like GitHub Actions. How do we automatically scan our Terraform modules for misconfiguration or secrets? How can we configure Terraform to store state securely in the cloud for each environment? During this session we will examine how to leverage open source tools to: Scan for security and configuration issues using tools like tfsec, terrascan, and checkov Securely configure Terraform backends like AzureRM Securely pass variables and input into Terraform Securely deploy Terraform to clouds like Azure After this session you will have the tools and examples to securely deploy terraform to the cloud. Check out our new channel: NDC Clips: @ndcclips Check out more of our featured speakers and talks at https://ndcconferences.com/ https://ndc-security.com/
Topics covered
Stay Updated
Get notified about new features and conference additions.
