CCSK

 View Only
  • 1.  Infrastructure Templating?

    Posted Aug 24, 2021 10:46:00 AM
    Hello!

    In Module 6 Unit 2 of the self-paced training, when talking about critical IaaS security capabilities, they mention that one of them is infrastructure templating. Could someone explain what infrastructure templating is?

    Thank you :)


    ------------------------------
    Jenna Morrison
    Training Department Intern
    Cloud Security Alliance
    ------------------------------


  • 2.  RE: Infrastructure Templating?

    Posted Aug 24, 2021 03:40:00 PM
    Examples of infrastructure templating tools include:
    Terraform https://www.terraform.io
    AWS Cloudformation https://aws.amazon.com/cloudformation/
    Google Cloud deployment manager https://cloud.google.com/deployment-manager/docs

    These tools enables the definition of infra templates, also known as “Infrastructure as code”.
    This enables cloud security engineers to integrate security best practices into the template, review changes, version, roll-back and evaluate any cloud resource changes against a set of security rules such as “do not allow public access to a resource”.
    Infra templating eliminates engineers creating resources by hand which is usually error prone and hard to track, resulting in unintentional security risk from an engineer that creates a resource such as a VM, storage bucket or database in an unsecured configuration.

    Hope this helps,
    Mark




  • 3.  RE: Infrastructure Templating?

    Posted Aug 25, 2021 11:05:00 AM
    Thank you very much for your response! I found your explanation and those templating tool links very helpful!

    ------------------------------
    Jenna Morrison
    Training Department Intern
    Cloud Security Alliance
    ------------------------------



  • 4.  RE: Infrastructure Templating?

    CSA Instructor
    Posted Aug 25, 2021 01:21:00 PM
    Great reply!

    Interestingly, the phrase 'infrastructure templating' is in the official CCSK training slide decks, but not as such in the Guidance.

    ------------------------------
    Peter HJ van Eijk
    CCSK & CCAK trainer
    https://www.clubcloudcomputing.com/
    ------------------------------