Talk
Intermediate

Design-Build-Iterate for Security and Save yourself from a $1 Million cloud bill

Rejected

Session Description

Yes, following best practices for various Terraform workloads is imperative. But what about the foundational security of cloud infrastructure — especially in the context of a non-end-user company handling a fleet of 400+ projects with a daily AUC of 1,200?

In this session, Prerit will guide you through their cloud security advancement journey using HashiCorp Terraform/OpenTofu. Starting with the replication of a crypto-mining attack that incurred nearly $1 million in damages over just one weekend, we'll dissect the root cause analysis. From there, we’ll explore how they implemented 21,000+ quotas across 25 Google Cloud services seamlessly across the expansive fleet of 400+ projects and made sure that the added restrictions really enhanced the security posture. You’ll also learn about the minimal effort involved in the development and architecture of an in-house product through which they efficiently implemented quotas and metrics management.

Key Takeaways

The audience (Dev+Sec+Ops teams) will gain practical insights into creating meaningful security boundaries across all layers of their technological footprint.

References

Session Categories

Technology architecture
Other
Which track are you applying for?
Main track

Speakers

Prerit Munjal
Co-founder & CTO InfraOne
https://www.linkedin.com/in/prerit-munjal/

Reviews

Approvability: 50 %
Approvals: 2
Rejections: 2
Not Sure: 0

This is another talk in the k8s area. But if the demo is well organized attendees can learn some valuable information about IaC. Please put a demo plan up on git for people to be able to follow along.

Reviewer #1
Approved

This sounds like an interesting case study analysis.

Reviewer #2
Approved

I don't see how this talk is relevant to a FOSS conference. I watched the linked recording and the speaker spends most of the time talking about the 1mn USD cloud bill (which is actually 1mn INR - clickbait?), and how they solved that using Terraform, which isn't FOSS anyway.

Reviewer #3
Rejected

A key concern raised by the reviewers was the talk's relevance to a FOSS conference, given that a central tool, Terraform, is not considered fully open-source. They appreciated the case study analysis but were also concerned about the "clickbait" nature of the title, noting a discrepancy between the advertised "$1 Million cloud bill" and the actual "1mn INR."

Reviewer #4
Rejected