This session will describe the techniques and patterns used in a real life project where the goal was to: build a VPC on AWS, make it extremely secure on all accounts, do it automated.
I will describe how you can take Puppet and AWS and introduce all kinds of real life security measures, all managed by Puppet. These security measures include: Log collection and analysis (in combination with Graylog2), Transparent Proxy Hosts for DMZ separation, Host Based Firewalls to augment the non-logging AWS firewalls/security groups, CIS (Center for Internet Security) Benchmark enforcement on standard AWS Linux AMIs, change tracking with SVN.
This session will highlight where Puppet saved the day but also where integration was troublesome.
- You've got enough to worry about without adding the hundreds or thousands of dynamic resources cloud applications demand. Puppet Enterprise makes it easier to provision and configure public & private clouds
- Robust orchestration is key to cloud automation. Learn how the Puppet Enterprise 3.0 orchestration engine scales admin know-how to work at the scale demanded by the cloud.
- PuppetConf 2014 will be back in San Francisco. Developer Day will be held September 22, PuppetConf will be held September 23-24. Save the date!