The Cloud Engineering Summit 2021 is coming up fast, and the speakers are out! To get you ready to attend, let’s take a look at the sessions for the Manage track.
The Cloud Engineering Summit’s three tracks are built around three concepts: Build, Manage, and Deploy. I’m Matt Stratton, and I’m your charismatic track chair for Manage. For us, that means managing cloud applications and infrastructure with Policy as Code, visibility, and access controls. For example, managing infrastructure with policies that detect configuration drift, enforce best practices, and even prevent compliance violations before deployment. It means building visibility across your cloud infrastructure so that you always understand its current and past states, including detailed audit history. Finally, you ensure the right guardrails and controls are set in place so that distributed teams can securely develop.
Without further ado, let’s take a look at each of the talks I’ve selected for you!
Overwhelmed by permissions and authorization? Me, too. Fortunately, we have Joy Ebertz presenting Authorization: Ensuring Only Ada Can Access Her Files. Joy is going to cover the various authorization models available to us, with use-cases for each. Authorization can be overwhelming if you don’t have a good grasp of the options available to your organization and an understanding of what works when, so I’m excited for this one.
Taking a higher-level view, Quintessence Anx will be presenting DevSecOps and Secure Incident Response. The introduction of security to the DevOps equation means some shifts in the way we think about the software development lifecycle, and Quintessence is uniquely qualified to talk about why that’s true. A look inside PagerDuty’s 14 Step Secure Incident Response process promises to be interesting for anyone involved in either development or operations.
I don’t think we have the ability to predict the future, but J. Paul Reed wonders if we can develop the ability to forecast incidents just as we have learned to have staggeringly accurate weather short-term forecasts. With Forecasting the Future: Creating a Radar for Risk, Paul will share with us how Netflix uses Risk Radar to collect and make sense of risk in their sociotechnical systems.
When we talk about infrastructure as code, there’s more to it than just the code! Fariba Khan and Stephen Van Gordon will take us on a journey with Lifecycle of a Pulumi Program to share how they leverage a custom state backend with SSO, RBAC, and programmatically configurable pipelines powered by CI/CD tooling and the Pulumi Automation API to drive IaC at their organization.
Snowflake’s Charles Xu will be here to talk about Day-two Operation of Multi-cloud Kubernetes and Vault, a very cool overview of Snowflake’s Kubernetes infrastructure and how Pulumi helps, from blue-green updates, to managing Hashicorp Vault, to rotating TLS certificates. This is a pretty complex topic, so I’m very interested to see where it goes!
Gremlin’s Jason Yee comes to us with Trailblazers: exploration, discovery, & navigating failure - a set of topics that I personally find fascinating and essential! I think we are constantly in a state of discovery and understanding of our complex systems, and learning how to explore them - and work through the inevitable failures - helps us build and operate even more reliable systems.
Rounding things out is the always incredible Tim Banks, with Toxic Velocity: Speed Kills. In this talk, Tim is going to cover the various stressors that put pressure on both organizations and individuals, how they affect us, and what it looks like when things start to spiral out of control. I’m excited for this one because while crashes do happen, we’d all like them to happen less often (or not at all!), and being able to identify some of these things before they become a real problem is better for our businesses and our people.