Название: Security as Code: DevSecOps Patterns with AWS (Final Release)Автор: BK Sarthak Das, Virginia Chu
Издательство: O’Reilly Media, Inc.
Год: 2023
Страниц: 158
Язык: английский
Формат: epub (true), mobi
Размер: 10.1 MB
DevOps engineers, developers, and security engineers have ever-changing roles to play in today's cloud native world. In order to build secure and resilient applications, you have to be equipped with security knowledge. Enter security as code.
In this book, authors BK Sarthak Das and Virginia Chu demonstrate how to use this methodology to secure any application and infrastructure you want to deploy. With Security as Code , you'll learn how to create a secure containerized application with Kubernetes using CI/CD tooling from AWS and open source providers.
This practical book also provides common patterns and methods to securely develop infrastructure for resilient and highly available backups that you can restore with just minimal manual intervention.
DevSecOps is a relatively new field, and few books are available to guide those who want to learn more about it. We decided to write this book to help fill that gap by showing you how and where to get started on DevSecOps in AWS. This book is not an enterprise-grade solution kit for copying and pasting into production (and since every project and organization has different needs, we sincerely hope you would never do that!). Instead, it’s designed to introduce you to the building blocks of the DevSecOps mindset, and to guide you along the way with practical examples. We use popular open source tools where possible, to show you that it’s not always necessary to buy expensive products to do security the right way.
Learn the tools of the trade, using Kubernetes and the AWS Code Suite
Set up infrastructure as code and run scans to detect misconfigured resources in your code
Create secure logging patterns with CloudWatch and other tools
Restrict system access to authorized users with role-based access control (RBAC)
Inject faults to test the resiliency of your application with AWS Fault Injector or open source tooling
Learn how to pull everything together into one deployment
Who Is This Book For?
This book is for AWS security engineers, DevOps engineers, security analysts, security engineering managers, and other practitioners and leaders at intermediate and senior levels who want to automate more of their security. We recommend that readers have some practical AWS development knowledge and familiarity with Git before starting this book: ideally, enough to do basic coding and debugging within AWS. In Chapter 2, for example, we use CloudFormation, Python, and Kubernetes to demonstrate Infrastructure as Code. You should also be comfortable navigating Git repositories.
Скачать Security as Code: DevSecOps Patterns with AWS (Final Release)