fwd:cloudsec 2023

fwd:cloudsec 2023

Rolling out AWS Infrastructure Everywhere with Space Ships
2023-06-13 , Salon B

AWS Organizations lacks a lot of the features that cloud security engineers need. It often lacks support for rolling out security specific infrastructure that you need where you need it. Unfortunately, there is also a lack of good open or closed source options available for security engineers to roll out infrastructure wide components. Often, security engineers and developers have to build out their own quick and dirty and bespoke scripts to accomplish these tasks. In this talk, we discuss the problem space in greater depth and how we are working around this problem. We have also built an open source project called Starfleet that solves the problems in this space that you can use without having to start from scratch. Starfleet is a whole infrastructure AWS automation framework that allows you to easily run workloads with AWS account and region context. This enables security engineers to place infrastructure components everywhere they need it, and configured exactly how they need it; guaranteed without drift. More details on Starfleet can be found here: https://gemini-oss.github.io/starfleet/

My name is Mike Grima. I'm a Staff Cloud Security Engineer at Gemini. Prior to Gemini, I was a Senior Cloud Security Engineer at Netflix for several years. Cloud Security is a topic that I am very passionate about, and I love building open source tools to help solve very large scale security issues in the cloud.