The IaC Podcast explores the world of DevOps and cloud computing through the lens of Infrastructure as Code (IaC). Hosted by industry experts and thought leaders, this podcast delves into the benefits, challenges, and best practices of using code to manage and automate infrastructure. From Terraform to CloudFormation to Pulumi, listeners will gain insights into the latest trends and techniques shaping the future of infrastru ...
... Read more
How could read access to an S3 bucket escalate to a full AWS environment compromise? Daniel Grzelak walks us through a real red team engagement that sparked his research into Terraform state file vulnerabilities. Hear about the evolution of these vulnerabilities into significant security concerns and how OpenTofu 1.7's state encryption feature is set to change the game. Listen now and explore Daniel's detailed insights on 'Hacking Terraform State for Privilege Escalation' here. Daniel Grzelak is a 20-year cybersecurity industry veteran, investor, advisor, and speaker. He is no longer the CISO at Linktree nor the Head of Security at Atlassian, but he tries to stay relevant by hacking AWS and Cloud in general.
Go behind the scenes with The IaC Podcast's special KubeCon episode. Host Roni Frantchi gives you an insider's look, capturing the conference experience, much-anticipated talks, insider takes on the OpenTofu fork, and AI's potential impacts on ops and workflows, among more! You can watch full recordings of the talks mentioned on the CNCF YouTube page. Thank you to our amazing guests for this KubeCon edition: Abdel Sghiouar - Senior Cloud Developer Advocate, Google Joep Piscaer - DevRel Leader, TLA Tech Melissa McKay - Developer Advocate, JFrog Joel Studler - DevOps Engineer, Swisscom Ashan Senevirathne - Product Owner, Swisscom Daniel "phrawzty" Maher - Head of Developer Relations, Scaleway Barun Acharya - Software Engineer, Accuknox + CNCF Ambassador Saloni Narang - DevRel Freelancer Saiyam Pathak - Field CTO, Civo Stuart Miniman - Senior Director of Market Insights, Hybrid Platforms, Red Hat
How widespread is Infrastructure-as-Code adoption? What tools are dominating the IaC space? Could AI play a disruptive role? Join us as we dig into Firefly's comprehensive State of IaC Report and explore the latest trends with co-founder Eran Bibi. Tune in for a must-listen episode on where organizations currently stand in codifying cloud resources, and key insights into the future of managing Infrastructure-as-Code. Download The State of IaC Report Eran Bibi is Co-Founder & Chief Product Officer at Firefly. With years of experience in anything DevOps/SRE and security, he has earned a reputation as a CI/CD and SRE expert and an avid admin of Cloud Platforms and containerized environments. Prior to Firefly, Eran was Head of DevOps & Cloud Platform at Aqua Security and DevOps Group Lead at Finastra. Eran is a frequent speaker at Cloud Native meetups, AWS community meetups, and other cloud workshops and conferences. Sponsored by: https://www.env0.com/
How can you gain deeper insights into your complex systems beyond just monitoring infrastructure health metrics? Join us as Charity Majors, CTO and Co-Founder of Honeycomb, challenges traditional approaches to observability. With experience from the infrastructure trenches of fast-growing startups, Charity pushes us to rethink our methods. Can high-cardinality data exploration reveal the "unknown unknowns" hiding in your telemetry? Is prioritizing user experiences over infrastructure stats the key to untangling your "hairball" systems? And what role should observability play across the full software development lifecycle? Charity offers a forward-looking perspective on evolving observability practices to match increasing complexity. Observe the future of observability - Tune in to our latest episode now! Charity Majors is a Co-Founder and Engineer at Honeycomb.io, a startup that blends the speed of time series with the raw power of rich events to give you interactive, iterative debugging of complex systems. She has worked at companies like Facebook, Parse, and Linden Lab, as a systems engineer and engineering manager, but always seems to end up responsible for the databases too. She loves free speech, free software and a nice peaty single malt. Sponsored by: https://www.env0.com/
In this episode, open source guru Kris Buytaert discusses open source ecosystems, the benefits of collaboration, and the shifts towards proprietary models in certain tools. We explore OpenTofu as a reaction to Terraform, ponder whether an “Ansible of IaC” will emerge, and delve into the deeper meaning of licenses, ecosystems, and governance models—emphasizing that “one open source is not equal to another.” Join us in the exploration of the hallmarks of healthy open source and what lies beyond licenses as we assess community integrity. Kris Buytaert is a long time Linux and Open Source Consultant. He's one of instigators of the devops movement, currently working for o11y.eu / @inuits. He is frequently speaking at, or organizing different international conferences and has written about the same subjects in different Books, Papers and Articles. He spends most of his time working on bridging the gap between developers and operations with a strong focus on High Availability, Scalability, Virtualization, and Large Infrastructure Management projects. Hence, he is trying to build infrastructures that can survive the 10th-floor test—better known today as the cloud—while actively promoting the DevOps idea. Sponsored by: https://www.env0.com/