The DevSecOps Talks Podcast

AWS released AWS Bottlerocket OS in March of 2020, and version 1.0.0 got released in August 2020.
What is it? Should you be using it? What are the benefits?
Is it ready for prime time? We answer all of those questions during this episode of DevSecOps Talks. Tune in!

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion.

Johan Abildskov (@RandomSort, see episode 6) is back, and we are talking branching strategies! In particular, why you shouldn't be doing git-flow, and what are other options out there. This conversation takes us down memory lane to a more broad discussion about version control systems, mono-repositories, continuous integration, and delivery. We hope you will like it!

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion.

This time we are joined by Paul Stack (@stack72, Pulumi developer, former Terraform developer) and podcast friend Jacob Lärfors to talk about

- what is Pulumi is?

- understand the difference between Pulumi vs. Terraform (and if we should compare them at all)

- What is hard about Pulumi?

- What people ask the most? What are the common confusions?

- Cross-language infra libraries? How is it even possible?!

- Is there a possibility of a supply chain attack via Pulumi library?

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion.

Last week (week 6, 2021), seven data breaches were announced. In this episode, we discuss the possible scenarios for preventing attackers from getting a hold of your data, whether private or company data. And tips on how to mitigate the consequences of data leaks in cases when you have no control over data management (think of breach of 3rd party service).

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

How do you run Kubernetes in the cloud? Still using Kops? Or is it time to jump to the managed offerings?
We go through the list of things you might be missing out on if not yet using a managed solution.
Also, in this episode - what do you always configure in the k8s cluster? CNI, Ingress, IAM, and even more!

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

It's been almost a year since we started the podcast, but we never took time to explain who we are and what problems we solve for our customers/employers. So in this episode, you will find more details about us and, as usual, references to useful tools, talks, and techniques.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

AWS had a severe incident at the end of November. Kinesis in us-east-1 went dark for quite some time, and a ripple effect caused degradation of other services like CloudWatch, ECS, and others.
As a Cloud Engineering practitioner, how do you get yourself and your organization ready for a such turn of events?

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

Andrey wants monitoring to be more magical, or does he want a wrong thing? What are the sane defaults? And why do we have to set up boilerplate monitoring again and again?
  
Mattias shares what he does for monitoring security events.
  
Julien explains why using logs to debug in a microservices architecture is costly and inefficient. 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

How to decommission resources from your cloud environment to keep it clean?

What to do when a resource is created without being in the infrastructure code?

Andrey is going through a checklist he uses to delete resources and the utility serverless functions he wrote.

ArgoCD is a project that does GitOps and automatically delete resources in Kubernetes namespaces if they are not defined.

We talked about the different layers of abstraction for infrastructure as code and where it makes sense to have a terraform controller in a Kubernetes cluster to manage the application dependencies.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

Initially, we planned this episode as a discussion about HashiCorp Nomad and invited Jacob Lärfors. He recently published a great article about his experience working with Nomad (see link in the show notes). However, because of a few postponements, and with HashiConf that happened just a week ago, we decided to extend the podcast’s scope to go over all of the announcements that they did during the conference. So here it is - HashiConf special: all you need to know about everything that HashiCorp announced during the conference plus a discussion about Nomad!

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion