This week's articles
Security Overview of AWS Fargate
#aws, #containers, #defend
Amazon's own security overview of Fargate, which is helpful for new adopters and deepens understanding of Fargate for current users.
Where's my stuff on GCP?
In 2018 GCP released a feature called Cloud Asset Inventory. It allows one to search for all your resources globally: "$ gcloud asset search-all-resources".
The OPA AWS CloudFormation Hook
Learn more about AWS CloudFormation Hook and how Open Policy Agent may be used for CloudFormation policy enforcement.
RBAC Explained with Examples
#explain, #iam, #kubernetes
Kubernetes RBAC tutorial with two examples, using ServiceAccounts and openssl to create separate contexts for users.
Abusing Azure Container Registry Tasks
How one Azure service supporting DevOps can start in a very solid "secure by default" state, but then quickly descend into a very dangerous configured state.
Your Favorite Software Repositories, Now Working Together
OpenSSF announced the creation of the Securing Software Repositories Working Group, a community collaboration with a focus on the maintainers of software repositories, software registries, and tools (like package managers) that rely on them, at various levels including system, language, plugin, extensions and container systems.