News
Chef Extends OpsWorks Capabilities in AWS
Chef has announced new capabilities to address application lifecycle control concerns in containers in AWS. New functionality includes Chef Automate with integrated compliance and builds on AWS OpsWorks for Chef Automate announced in 2016. OpsWorks for Chef Automate provides a managed Chef server and suite of automation tools.
Creating and Enforcing "Policy as Code" with HashiCorp Sentinel
HashiCorp have released Sentinel, an embedded “policy as code” framework that is integrated within the HashiCorp Enterprise products. Sentinel enables “fine-grained, logic-based policy decisions” that can be used to automatically audit and enforce organisational, compliance or security policies when working with Infrastructure as Code and other HashiCorp platform tooling.
Q&A With Robert Scherrer: DevOps on the Backbone of the Swiss Financial Center
Starting with a small core team, and a DevOps approach around 5 + 1 dimensions - skills, organization, process, infrastructure, architecture + mindset & attitude - SIX has been transforming how IT and the business work together to break the silos and align themselves along value streams. InfoQ took the opportunity to talk with Robert Scherrer, head of software dev at SIX, about this journey.
Cloud Migrations, Highly Regulated Environments, and Making Work Visible: DOES17 London Day Two
At the London DevOps Enterprise Summit 2017 (DOES17) conference, the second morning of keynotes discussed the role DevOps plays when migrating to cloud platforms; the creation and cultivation of effective teams that must work within high-regulatory environments; and how to improve the flow of business value by making work visible.
AWS Organizations Offers Centralized Policy-Based Account Management
After a three month preview since re:Invent 2016, Amazon Web Services has recently moved AWS Organizations to general availability. The new service allows to centrally manage multiple AWS accounts within a hierarchy of organizational units and attach service control policies with fine-grained access permissions. AWS Organizations also supersede the formerly separate consolidated billing feature.
DevOps Survival in the Highly Regulated Financial Industry
Robert Scherrer, head of application engineering at SIX, on how the company leveraged DevOps principles and benefits in the highly regulated Swiss financial industry. Engaging with compliance auditors to collaboratively agree on solutions early before it's too costly to change and avoiding legacy internal directives (not actually required by external regulations) are the main takeaways.
Container Manifests, Docker Labels, and the Implications on Security: A Q&A with Gareth Rushgrove
At DockerCon EU 2015, InfoQ sat down with Gareth Rushgrove, a senior software engineer at Puppet Labs, and explored the concepts behind his conference presentation “Shipping Manifests, Bill of Lading and Docker”. The range of topics discussed included the benefits of system package management (manifest) metadata, the use of Docker labels, and the implications on security and compliance audits.
AWS Expands Credential Lifecycle Management and Monitoring
AWS Identity and Access Management (IAM) recently expanded available password policy rules to enable self-service password rotation. A new credential report provides visibility into the AWS credentials security status. AWS also added logging of AWS Management Console sign-in events to AWS CloudTrail.
S is for Security
Frank Breedijk, security officer at Schuberg Philis, talks about the friction points between security and DevOps and how to collaborate to avoid them. Examples include automating security tests and environments, reducing scope of security audits to relevant system components only or allowing security fixes to jump the queue of changes to production.
Two More DevOps Tool Vendors Acquired
The excitement over DevOps is continuing to increase in major corporations. Today it was announced that two DevOps tool vendors were acquired. UrbanCode was picked up by IBM while Nolio went to CA Technologies.
New DMTF WorkGroup To Address Cloud Security Concerns Through Cloud Audit Standards
Security concerns still remain the top inhibitor of cloud adoption and cloud audits will alleviate some of these concerns. DMTF instituted the Cloud Audit Data Federation Work Group (CADFWG) to define specifications which will empower organizations to audit cloud-based IT resources, regardless of their chosen cloud provider.
