Demo

Building a Secure AWS Golden Image Pipeline with Packer, Vault and Terraform

Get an end-to-end demo of a Terraform, Vault, and Packer-based CI/CD golden workflow for building secure and compliant OS images, with Ansible and OpenSCAP triggered for OS image compliance and post-install steps.

Relying on post-provisioning updates and customization can only take you so far. Baking security fixes, compliance and configuration into your OS image eliminates the attack window during which a freshly provisioned image is still insecure, speeds up the end-to-end provisioning process, and can even be used to set up an 'immutable' design.

What You'll Learn

Mihai Criveti and Elif Samedin will provide an end-to-end demo of a Terraform, Vault, and Packer-based CI/CD workflow for building secure and compliant OS images, with Ansible and OpenSCAP triggered for OS image compliance and post-install steps.
