EP138 Terraform for Security Teams: How to Use IaC to Secure the Cloud
Guest:
-
Rosemary Wang, Developer Advocate at HashiCorp
Topics:
-
Could you give us a 2 minute picture on what Terraform is, what stages of the cloud lifecycle it is relevant for, and how it intersects with security teams?
-
How can Terraform be used for security automation? How should security teams work with DevOps teams to use it?
-
What are some of the obvious and not so obvious security challenges of using Terraform?
-
How can security best practices be applied to infrastructure instantiated via Terraform?
-
What is the relationship between Terraform and policy as code (PaC)?
-
How do you get started with all this?
-
What do you tell the security teams who want to do cloud security the “old way” and not the cloud-native way?
Resources: