Addressing Cloud Security with OPA
Description: The challenges of building and modifying at-scale cloud infrastructure environments led to the development of infrastructure as code, and now the challenges of managing the security and compliance of those environments have led to policy as code. Cloud environments are simply too vast, complex and dynamic to address with traditional security and compliance approaches such as manual audits and checklists.
Open Policy Agent (OPA) is an open source policy as code framework and toolset that’s a part of the Cloud Native Computing Foundation (CNCF). OPA can be used to validate the policy compliance of cloud infrastructure environments and prevent the deployment of resource misconfigurations. OPA uses the Rego policy language.
In this talk, Josh Stella (cofounder and CTO at Fugue) will walk through how OPA works and how cloud engineering teams can leverage it and other open source tools for cloud security and compliance.
By the end of the talk, attendees will learn:
- How to use OPA and the Rego policy language to build custom rules for cloud infrastructure
- How to check Terraform against policy with Regula, a tool that uses OPA for validating infrastructure as code
- How to use OPA with CI/CD tools to integrate cloud infrastructure security into automated delivery pipelines