DevOps on AWS Radio Mphasis Stelligent

In this episode, Kinnaird McQuade, Lead Cloud Security Engineer at Salesforce, joins us to talk about his tools Cloudsplaining and Policy Sentry. Policy Sentry provides a framework for writing IAM policies to make it easier to create least privilege policies. Cloudsplaining can help find policies that may allow more access than required.
Keith Monihen joins hosts Scott Alexander and Shaug Evans this episode to talk about the Stelligent book club and how it helps create a culture of learning and shared connection among employees.

For full episode details, visit https://stelligent.com/blog/

Episode Notes

Hosted by Scott Alexander (@salexpdx) and Shaug Evans (@ohshaughnessy)
Interview Guest: Kinnaird McQuade @kmcquade3
Stelligent Guest: Keith Monihen @KeithMonihen


Episode Timeline
00:00 Podcast Introduction and welcome
01:00 Kinnaird McQuade interview
28:15 Discussion of Interview with Scott, Shaug, and Keith
33:00 Recent Blog Post
36:50 Stelligent Book Club
48:00 Closing Contact Information

Relevant Links
CloudSplaining https://cloudsplaining.readthedocs.io/en/latest/
Policy Sentry https://policy-sentry.readthedocs.io/en/latest/
Kinnaird McQuade Website https://kmcquade.com/
Open Source at Salesforce https://opensource.salesforce.com/
Salesforce Careers https://www.salesforce.com/company/careers/
AWS Nuke - https://github.com/rebuy-de/aws-nuke
Cloud Custodian - https://cloudcustodian.io/
Cloud Tracker - https://github.com/duo-labs/cloudtracker


Blog posts:
Trend Micro Smart Scan: https://stelligent.com/2020/05/22/is-my-container-image-secure-ci-cd-container-scanning-using-trend-micro-deep-security-smart-check-and-aws-codepipeline/
Amazon Inspector Introduction: https://stelligent.com/2020/05/08/introduction-to-amazon-inspector/
Implementing Amazon Inspector in Automated AMI Pipelines: https://stelligent.com/2020/05/08/implementing-amazon-inspector-in-automated-ami-pipelines/
CFN Leaprog: https://stelligent.com/2020/05/15/generating-least-privileged-iam-roles-for-cloudformation-and-service-catalog-with-cfn-leaprog/
Paul Duvall’s Forbes Article: https://www.forbes.com/sites/forbestechcouncil/2020/05/01/exponential-cloud-security/

Books:

The Year without Pants - https://www.amazon.com/Year-Without-Pants-WordPress-com-Future-ebook/dp/B00DVJXI4M
People Centric Security - https://www.amazon.com/People-Centric-Security-Transforming-Enterprise-Culture-ebook/dp/B015EZ2PT4
Accelerate - https://www.amazon.com/Accelerate-Software-Performing-Technology-Organizations-ebook/dp/B07B9F83WM
Clean Code - https://www.amazon.com/Clean-Code-Handbook-Software-Craftsmanship-ebook/dp/B001GSTOAM
Clean Architecture - https://www.amazon.com/Clean-Architecture-Craftsmans-Software-Structure-ebook/dp/B075LRM681


Intro/Outtro music - Atmosphere by Mi77er
https://soundcloud.com/mi77ermusic/atmosphere-original-mix-progressive-ambient-house

Hosts:
Scott Alexander (@salexpdx)
Shaug Evans (@ohshaughnessy)

Episode Timeline
01:08 What Is happening with the podcast
03:35 Michael Neil interview
18:30 Open Source at Mphasis Stelligent
21:15 Recent Blog Post
31:45 Closing Contact Information

Relevant Links
Mutato open-source framework for building containerized micro-services on the AWS ecosystem 
https://github.com/stelligent/mutato

Mu: Open source framework in go for deployment pipelines
https://github.com/stelligent/mu

Building Developer Sandboxes with Attribute Based Access Control
https://stelligent.com/2020/05/01/building-developer-sandboxes-on-aws-with-attribute-based-access-control-abac/

IAM Complexity blog post
https://stelligent.com/2020/03/27/thought-experiment-proposed-complexity-metric-for-iam-policy-documents/

Blog posts about remote work
https://stelligent.com/category/remote-work/

Podcast Details:
What Is happening with the podcast - The podcast has new hosts and a tweaked format to make it more useful to our listener. The interview is now at the front of the podcast and the news and discussion is the second half of the recording.
Michael Neil interview - Stelligent’s newest open source project Mutato (pronounced muh-tah-toe) joins the podcast to talk about the project. It is an open-source framework for building containerized micro-services on the AWS ecosystem. The project handles many of the details for new AWS users to get containers deployed to ECS and EKS quicker.
Open Source at Mphasis Stelligent - In addition to our projects, we also publish source code that supports our blog posts. One recent blog post is Eric Kascic’s “Thought experiment - Complexity metrics for IAM Policy documents”. In addition to the blog post, he wrote code that implements his idea and the repository is public for anyone to see.
Recent Blog Post - Several other recent blog posts are discussed including the recent series of articles about working remotely, Scott Nixon’s Building developer sandboxes with Attribute Based Access Control is discussed for teams that may have to share an AWS account and for the opening look into identification documents and their history.
Closing Contact Information - On Twitter, You can find Shaug Evans @ohshaughnessy and Scott Alexander @salexpdx, For more information about Mphasis Stelligent, visit https://stelligent.com

Intro/Outtro music Atmosphere by Mi77er
https://soundcloud.com/mi77ermusic/atmosphere-original-mix-progressive-ambient-house

In this episode, we chat with Michael Wittig an AWS Community Hero prior to re:Invent 2019 with some of our hopes and expectations of the conference, and we also dive into a number of topics including Michael's most recent book. In this episode, Paul Duvall and Michael Wittig will give you an overview of the Do's and Don'ts of Containers on AWS, the open source tool cfn-modules, de-mything the Serverless hype, and also covers cost related issues and the recent Savings Plans released in order to reduce your bill. To learn more about Stelligent, visit www.stelligent.com.