Enabling consistent app security by creating templates with declarative code to automate security and keep developers agile.
Setting up infrastructure as code and running scans to detect misconfigured resources in your code.
The top four high-level roles a DevSecOps team should have.
Securing your AWS environment and Amazon EKS cluster, with step-by-step exercises on implementing security as code within the CI/CD pipeline.
Developers—In Chapter Two, the authors walk you through setting up local environments with simple commands. From there, they demonstrate installing the software needed to secure your AWS environment and Amazon EKS cluster. Using free, publicly accessible sample code, the authors also show you how to create or destroy objects or resources through the “magic” of automation. Before the chapter ends, you’ll be guided through a sample application built with secure configurations. This ensures your toolkit is working.
To follow exercises and activities in this book, you’ll need:
AWS CLI: An open source tool that enables you to interact with AWS services in the assigned account by using commands in your terminal.
AWS CloudFormation: An AWS domain-specific language (DSL) that supports two file types: YAML and JSON. The files are used to deploy and provision infrastructure resources tracked as code.
Docker (community edition): A software platform, or platform as a service (PaaS), that bundles software into units called containers. These containers allow you to build, test, and deploy applications.
Open Container Initiative (OCI) images: A Linux Foundation project that defines open industry standards around container formats and runtimes and created an official certification program. In 2015, Docker, CoreOS, and other leaders in the container industry launched OCI.
Python: An open source, interpreted, object-oriented, high-level, dynamic programming language with dynamic semantics.
Git repository: An open source, distributed version control system for different file types.
Kubectl: An open source Kubernetes command-line tool that allows users to interact with Kubernetes clusters.
Kubernetes: An open source system for automating deployment, scaling, and management of containerized applications.