Security as Code eBook from NGINX
Learn how to implement a DevSecOps strategy by integrating security early into your development process through cloud infrastructure on AWS.
Download for free:
https://www.nginx.com/resources/library/security-as-code
Topics include:
- Enabling consistent app security by creating templates with declarative code to automate security and keep developers agile.
- Setting up infrastructure as code and running scans to detect misconfigured resources in your code.
- The top four high-level roles a DevSecOps team should have.
- Securing your AWS environment and Amazon EKS cluster, with step-by-step exercises on implementing security as code within the CI/CD pipeline.
Developers—In Chapter Two, the authors walk you through setting up local environments with simple commands. From there, they demonstrate installing the software needed to secure your AWS environment and Amazon EKS cluster. Using free, publicly accessible sample code, the authors also show you how to create or destroy objects or resources through the “magic” of automation. Before the chapter ends, you’ll be guided through a sample application built with secure configurations. This ensures your toolkit is working.
To follow exercises and activities in this book, you’ll need:
- AWS CLI
An open source tool that enables you to interact with AWS services in the assigned account by using commands in your terminal. - AWS CloudFormation
An AWS domain-specific language (DSL) that supports two file types: YAML and JSON. The files are used to deploy and provision infrastructure resources tracked as code. - Docker (community edition)
A software platform, or platform as a service (PaaS), that bundles software into units called containers. These containers allow you to build, test, and deploy applications. - Open Container Initiative (OCI) images
A Linux Foundation project where open industry standards around container formats and runtime created an official certification program. In 2015, Docker, CoreOS, and other leaders in the container industry launched OCI. - Python
An open source, interpreted, object-oriented, high-level programming language with dynamic language and dynamic semantics. - Git repository
An open source, distributed version control system for different file types. - Kubectl
An open source Kubernetes command-line tool that allows users to interact with Kubernetes clusters. - Kubernetes
An open source system for automating deployment, scaling, and management of containerized applications.