Stream: Virtual Room 2
Time: 10:00 - 10:45
Ansible code often gets executed with a very high level of access to ensure it can perform all the necessary actions to complete its task. This high level of access creates the risk of attacks leveraging the automation code as an attack vector.
It is possible to use cryptographic signatures to prevent the risk of executing code that has not been properly vetted.
In this talk, we will see how it is possible to integrate cryptographical assurances into Ansible, and we will delve into some implementation decisions and suggestions to ensure that the result completely satisfies the requirements.
There is currently no attachment for Where does your Ansible code come from?
EMEA Principal Specialist Solution Architect, Red Hat Fabio Alessandro Locati - commonly known as Fale - is a Principal Specialist Solution Architect at Red Hat, public speaker, author, and Open Source contributor. His primary areas of expertise are Linux, automation, security, and cloud technologies. Fale has more than 20 years of working experience in IT, with many of them spent consulting for many companies, including dozens of Fortune 500 companies. He is the author of the books Practical Ansible 2, Learning Ansible 2, Learning Ansible 2.7, and OpenStack Cloud Security. In the spare time he helps in the Kubernetes, Fedora Project, Ansible, Wikimedia, Open Street Map communities as well as in many smaller projects on GitHub and similar platforms.
Click here to give some Feedback so we can make it even better next year!