“We developed Cloud Custodian to give us a sort of unified view of, and enforcement of, all the policies that are happening in an AWS public cloud account,” explained Capital One Senior Distinguished Engineer Kapil Thangavelu, in a conversation with Alex Williams from the recent O’Reilly Open Source conference for The New Stack Makers.
Developers, Thangavelu told us, tend to do silly things – for example, leaving whole portions of their databases public. As Capital One built out its containerization strategy, its engineers found themselves devising scripts for ensuring that these stupid things don’t yield catastrophic results. But these were case-by-case instances, involving YAML and Python, and soon they needed a way to apply more generic scripts to wider sets of criteria, to enforce policies and apply guardrails as developers wandered into unexplored territories.
Listen now to 'Cloud Custodian and Capital One Ask, What's In Your Amazon Cloud?' — the latest edition of The New Stack Makers.
Watch on YouTube: https://youtu.be/e2lT2i7zqOM