Examples of infrastructure templating tools include:
Terraform
https://www.terraform.ioAWS Cloudformation
https://aws.amazon.com/cloudformation/Google Cloud deployment manager
https://cloud.google.com/deployment-manager/docsThese tools enables the definition of infra templates, also known as “Infrastructure as code”.
This enables cloud security engineers to integrate security best practices into the template, review changes, version, roll-back and evaluate any cloud resource changes against a set of security rules such as “do not allow public access to a resource”.
Infra templating eliminates engineers creating resources by hand which is usually error prone and hard to track, resulting in unintentional security risk from an engineer that creates a resource such as a VM, storage bucket or database in an unsecured configuration.
Hope this helps,
Mark
Original Message:
Sent: 8/24/2021 1:46:00 PM
From: Jenna Morrison
Subject: Infrastructure Templating?
Hello!
In Module 6 Unit 2 of the self-paced training, when talking about critical IaaS security capabilities, they mention that one of them is infrastructure templating. Could someone explain what infrastructure templating is?
Thank you :)
------------------------------
Jenna Morrison
Training Department Intern
Cloud Security Alliance
------------------------------