The IaC Podcast Ohad Maislish

How are modern cloud-native environments changing the way we handle security? Liz Rice, Chief Open Source Officer at Isovalent, explains why traditional IP-based network policies are becoming outdated and how game-changers like Cilium and eBPF, which leverage Kubernetes identities, offer more effective and readable policies. We also discuss the role of community-driven projects under the CNCF, and she shares tips for creating strong, future-proof solutions. What challenges should we expect next? Tune in to find out!

Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium cloud native networking, security and observability project. She is the author of Container Security, and Learning eBPF, both published by O'Reilly, and she sits on the CNCF Governing Board, and on the Board of OpenUK. She was Chair of the CNCF's Technical Oversight Committee in 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018.
She has a wealth of software development, team, and product management experience from working on network protocols and distributed systems, and in digital technology sectors such as VOD, music, and VoIP. When not writing code, or talking about it, Liz loves riding bikes in places with better weather than her native London, competing in virtual races on Zwift, and making music under the pseudonym Insider Nine.

Tools, workflows and the Terraform ecosystem - Masterpoint's Matt Gowie dives deep into the IaC tooling landscape, covering tools like Terragrunt and Atmos, linting with TFLint, security scanning, CI/CD workflows and more. From Terraform 0.11 to OpenTofu, static code analysis to encryption, gain an inside look at pragmatic IaC practices.

Matt Gowie is a seasoned entrepreneur, cloud architect, and platform engineer based in Boulder, Colorado. As CEO and CTO of Masterpoint, he leads a team dedicated to developing top-tier infrastructure-as-code solutions for a diverse clientele. With over twelve years of experience in software development, tech startups, and cloud infrastructure, Matt has a deep passion for Terraform and OpenTofu. He actively contributes to the community as a core maintainer of one of the largest open-source Terraform Module libraries and an AWS Community Builder. Outside of work, you can find him rock climbing across the American West, training for an ultramarathon, or exploring remote corners of the globe.

How have DevOps movements broken down the longstanding cultural barriers between developers and operations teams? What role have container technologies like Docker played in shaping today's IT landscape? John Willis, with over 35 years in IT management, dives into these questions, sharing his insights on simplifying complex systems and fostering integration between development and operations.
Tune in to this must-listen episode as we explore the evolution and future of DevOps with a pioneer in the field.

John Willis has worked in the IT management industry for more than 35 years and is a prolific author, including "Deming's Journey to Profound Knowledge" and "The DevOps Handbook." He is researching DevOps, DevSecOps, IT risk, modern governance, and audit compliance. Previously he was an Evangelist at Docker Inc., VP of Solutions for Socketplane (sold to Docker) and Enstratius (sold to Dell), and VP of Training & Services at Opscode where he formalized the training, evangelism, and professional services functions at the firm. Willis also founded Gulf Breeze Software, an award winning IBM business partner, which specializes in deploying Tivoli technology for the enterprise. Willis has authored six IBM Redbooks for IBM on enterprise systems management and was the founder and chief architect at Chain Bridge Systems.

How could read access to an S3 bucket escalate to a full AWS environment compromise? Daniel Grzelak walks us through a real red team engagement that sparked his research into Terraform state file vulnerabilities. Hear about the evolution of these vulnerabilities into significant security concerns and how OpenTofu 1.7's state encryption feature is set to change the game.
Listen now and explore Daniel's detailed insights on 'Hacking Terraform State for Privilege Escalation' here.

Daniel Grzelak is a 20-year cybersecurity industry veteran, investor, advisor, and speaker. He is no longer the CISO at Linktree nor the Head of Security at Atlassian, but he tries to stay relevant by hacking AWS and Cloud in general.

Go behind the scenes with The IaC Podcast's special KubeCon episode. Host Roni Frantchi gives you an insider's look, capturing the conference experience, much-anticipated talks, insider takes on the OpenTofu fork, and AI's potential impacts on ops and workflows, among more!
You can watch full recordings of the talks mentioned on the CNCF YouTube page.

Thank you to our amazing guests for this KubeCon edition:
Abdel Sghiouar - Senior Cloud Developer Advocate, Google
Joep Piscaer - DevRel Leader, TLA Tech
Melissa McKay - Developer Advocate, JFrog
Joel Studler - DevOps Engineer, Swisscom
Ashan Senevirathne - Product Owner, Swisscom
Daniel "phrawzty" Maher - Head of Developer Relations, Scaleway
Barun Acharya - Software Engineer, Accuknox + CNCF Ambassador
Saloni Narang - DevRel Freelancer
Saiyam Pathak - Field CTO, Civo
Stuart Miniman - Senior Director of Market Insights, Hybrid Platforms, Red Hat

How widespread is Infrastructure-as-Code adoption? What tools are dominating the IaC space? Could AI play a disruptive role? Join us as we dig into Firefly's comprehensive State of IaC Report and explore the latest trends with co-founder Eran Bibi.
Tune in for a must-listen episode on where organizations currently stand in codifying cloud resources, and key insights into the future of managing Infrastructure-as-Code.
Download The State of IaC Report
Eran Bibi is Co-Founder & Chief Product Officer at Firefly. With years of experience in anything DevOps/SRE and security, he has earned a reputation as a CI/CD and SRE expert and an avid admin of Cloud Platforms and containerized environments.
Prior to Firefly, Eran was Head of DevOps & Cloud Platform at Aqua Security and DevOps Group Lead at Finastra. Eran is a frequent speaker at Cloud Native meetups, AWS community meetups, and other cloud workshops and conferences.

Sponsored by: https://www.env0.com/