The Pipeline: All Things CD & DevOps Podcast by The CD Foundation

Securing Infrastructure-as-code in CI/CD Pipelines

Jacqueline Salinas, Director of Ecosystem & Community Development Season 2 Episode 17

Guest Speaker: Yoni Leitersdorf

You want to catch security issues in your cloud infrastructure before deployment but you don’t have a lot of time to spend on it. 

What is infrastructure as code (IaC) security? How do you inject IaC security into the CI/CD pipeline to catch security risks before deployment? How do you do that without impacting the pipeline and frustrating developers? 

You will also learn how we catch common security issues in CI such as:

  • Privilege escalation in AWS due to overly permissive IAM permissions
  • Drift issue caused by someone changing a security group leading to exposures
  • Sharing IAM roles for resources in public and private subnets may not be a good idea

Yoni has successfully implemented IaC security in their CI/CD pipeline at Indeni. He will share best practices and tips to get IaC security implemented quickly. 


Support the show