The IaC Podcast Ohad Maislish

Infrastructure as Code is evolving rapidly, and open-source collaborations are playing a big part in shaping where it's headed. In this episode, Zach Goldberg, CTO of Gruntwork, shares his insights on tackling enterprise IaC complexity with open source tools. We dive into the origins of Terragrunt and its roadmap, why organizations are rapidly adopting OpenTofu, and explore the innovative ways these tools are being used in the community. How are these developments transforming IaC practices? What challenges and opportunities lie ahead? Tune in to find out!

Zach Goldberg is an executive coach, the author of 10k+ GitHub star book, “The Startup CTO’s Handbook” and is the CTO of Gruntwork. Zach Goldberg graduated from the University of Pennsylvania Magna Cum Laude with a degree in Computer Science and Engineering. He’s been the CTO of seven startups including WiFast, Sticks and Brains, AutoLotto, Trellis Technologies, GrowFlow (acq. Dama Financial 2022), Towards Equilibrium Inc. and most recently Gruntwork as well as an Entrepreneur in Residence at Tencent and an Associate Product Manager at Google.

How are modern cloud-native environments changing the way we handle security? Liz Rice, Chief Open Source Officer at Isovalent, explains why traditional IP-based network policies are becoming outdated and how game-changers like Cilium and eBPF, which leverage Kubernetes identities, offer more effective and readable policies. We also discuss the role of community-driven projects under the CNCF, and she shares tips for creating strong, future-proof solutions. What challenges should we expect next? Tune in to find out!

Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium cloud native networking, security and observability project. She is the author of Container Security, and Learning eBPF, both published by O'Reilly, and she sits on the CNCF Governing Board, and on the Board of OpenUK. She was Chair of the CNCF's Technical Oversight Committee in 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018.
She has a wealth of software development, team, and product management experience from working on network protocols and distributed systems, and in digital technology sectors such as VOD, music, and VoIP. When not writing code, or talking about it, Liz loves riding bikes in places with better weather than her native London, competing in virtual races on Zwift, and making music under the pseudonym Insider Nine.

Tools, workflows and the Terraform ecosystem - Masterpoint's Matt Gowie dives deep into the IaC tooling landscape, covering tools like Terragrunt and Atmos, linting with TFLint, security scanning, CI/CD workflows and more. From Terraform 0.11 to OpenTofu, static code analysis to encryption, gain an inside look at pragmatic IaC practices.

Matt Gowie is a seasoned entrepreneur, cloud architect, and platform engineer based in Boulder, Colorado. As CEO and CTO of Masterpoint, he leads a team dedicated to developing top-tier infrastructure-as-code solutions for a diverse clientele. With over twelve years of experience in software development, tech startups, and cloud infrastructure, Matt has a deep passion for Terraform and OpenTofu. He actively contributes to the community as a core maintainer of one of the largest open-source Terraform Module libraries and an AWS Community Builder. Outside of work, you can find him rock climbing across the American West, training for an ultramarathon, or exploring remote corners of the globe.

How have DevOps movements broken down the longstanding cultural barriers between developers and operations teams? What role have container technologies like Docker played in shaping today's IT landscape? John Willis, with over 35 years in IT management, dives into these questions, sharing his insights on simplifying complex systems and fostering integration between development and operations.
Tune in to this must-listen episode as we explore the evolution and future of DevOps with a pioneer in the field.

John Willis has worked in the IT management industry for more than 35 years and is a prolific author, including "Deming's Journey to Profound Knowledge" and "The DevOps Handbook." He is researching DevOps, DevSecOps, IT risk, modern governance, and audit compliance. Previously he was an Evangelist at Docker Inc., VP of Solutions for Socketplane (sold to Docker) and Enstratius (sold to Dell), and VP of Training & Services at Opscode where he formalized the training, evangelism, and professional services functions at the firm. Willis also founded Gulf Breeze Software, an award winning IBM business partner, which specializes in deploying Tivoli technology for the enterprise. Willis has authored six IBM Redbooks for IBM on enterprise systems management and was the founder and chief architect at Chain Bridge Systems.

How could read access to an S3 bucket escalate to a full AWS environment compromise? Daniel Grzelak walks us through a real red team engagement that sparked his research into Terraform state file vulnerabilities. Hear about the evolution of these vulnerabilities into significant security concerns and how OpenTofu 1.7's state encryption feature is set to change the game.
Listen now and explore Daniel's detailed insights on 'Hacking Terraform State for Privilege Escalation' here.

Daniel Grzelak is a 20-year cybersecurity industry veteran, investor, advisor, and speaker. He is no longer the CISO at Linktree nor the Head of Security at Atlassian, but he tries to stay relevant by hacking AWS and Cloud in general.

Go behind the scenes with The IaC Podcast's special KubeCon episode. Host Roni Frantchi gives you an insider's look, capturing the conference experience, much-anticipated talks, insider takes on the OpenTofu fork, and AI's potential impacts on ops and workflows, among more!
You can watch full recordings of the talks mentioned on the CNCF YouTube page.

Thank you to our amazing guests for this KubeCon edition:
Abdel Sghiouar - Senior Cloud Developer Advocate, Google
Joep Piscaer - DevRel Leader, TLA Tech
Melissa McKay - Developer Advocate, JFrog
Joel Studler - DevOps Engineer, Swisscom
Ashan Senevirathne - Product Owner, Swisscom
Daniel "phrawzty" Maher - Head of Developer Relations, Scaleway
Barun Acharya - Software Engineer, Accuknox + CNCF Ambassador
Saloni Narang - DevRel Freelancer
Saiyam Pathak - Field CTO, Civo
Stuart Miniman - Senior Director of Market Insights, Hybrid Platforms, Red Hat