Learn the dangers of using Terraform modules and providers from untrusted sources and get preventive measures to avoid this.
It's hard to argue against the fact that HashiCorp has one of the more thriving communities out there. The Terraform registry is full of countless modules and providers that have allowed users to quickly deploy infrastructure in similar and repeatable ways. But the ease of re-using community modules and providers does not come without risk.
In this talk, Jay Wallace will cover the dangers of using Terraform modules and providers from untrusted sources. He will also cover how to implement preventive measures to avoid this sort of danger and cover some security best practices when utilizing code from the community.
Speaker: Jay Wallace
HashiCorp Deep Dive Demos from Ignite and KubeCon Europe
How Remote Work is Driving the Need for Multi-Cloud DevSecOps: How to Build a Pipeline
How Terraform and Behavior-Driven Development Help Shift Security Left
Re-potting Overgrown Terraform Repositories