Help
Technical Articles
F5 SMEs share good practice.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Security as Code eBook from NGINX

Anjuli_Lam
F5 Employee
F5 Employee

on ‎21-Feb-2023 05:00

Learn how to implement a DevSecOps strategy by integrating security early into your development process through cloud infrastructure on AWS. 

Download for free:
https://www.nginx.com/resources/library/security-as-code

Topics include: 

  • Enabling consistent app security by creating templates with declarative code to automate security and keep developers agile.
  • Setting up infrastructure as code and running scans to detect misconfigured resources in your code.
  • The top four high-level roles a DevSecOps team should have.
  • Securing your AWS environment and Amazon EKS cluster, with step-by-step exercises on implementing security as code within the CI/CD pipeline.

Developers—In Chapter Two, the authors walk you through setting up local environments with simple commands. From there, they demonstrate installing the software needed to secure your AWS environment and Amazon EKS cluster. Using free, publicly accessible sample code, the authors also show you how to create or destroy objects or resources through the “magic” of automation. Before the chapter ends, you’ll be guided through a sample application built with secure configurations. This ensures your toolkit is working.           

To follow exercises and activities in this book, you’ll need:

  • AWS CLI
    An open source tool that enables you to interact with AWS services in the assigned account by using commands in your terminal. 
  • AWS CloudFormation
    An AWS domain-specific language (DSL) that supports two file types: YAML and JSON. The files are used to deploy and provision infrastructure resources tracked as code. 
  • Docker (community edition)
    A software platform, or platform as a service (PaaS), that bundles software into units called containers. These containers allow you to build, test, and deploy applications. 
  • Open Container Initiative (OCI) images
    A Linux Foundation project where open industry standards around container formats and runtime created an official certification program. In 2015, Docker, CoreOS, and other leaders in the container industry launched OCI. 
  • Python
    An open source, interpreted, object-oriented, high-level programming language with dynamic language and dynamic semantics. 
  • Git repository
    An open source, distributed version control system for different file types. 
  • Kubectl
    An open source Kubernetes command-line tool that allows users to interact with Kubernetes clusters. 
  • Kubernetes
    An open source system for automating deployment, scaling, and management of containerized applications.
Version history
Last update:
‎13-Feb-2023 09:20
Updated by:
Community Manager
Contributors
Copyright © 2023 Khoros, LLC