Excellent article posted last week on the Google devops-sre blog -
This article focuses on strategies for running your infrastructure as code using least privilege principles to build greater security into the process.
What steps are you taking to build security into your pipelines and infrastructure as code implementations?
I’ve always loved any approach that removes the use of keys, and Google Cloud did this so well by using impersonation. Speaking of keys specifically (or secrets for that matter), I am really fond of the use of HashiCorp Vault when using Terraform, especially in a multi-cloud environment. Thanks for sharing this, Jenn!