"Building a Hyper-Secure VPC on AWS with Puppet" by Tim Nolet, Technical Architect, Xebia.
Presentation Overview: This session will describe the techniques and patterns used in a real life project where the goal was to: build a VPC on AWS, make it extremely secure on all accounts, do it automated.
I will describe how you can take Puppet and AWS and introduce all kinds of real life security measures, all managed by Puppet. These security measures include: Log collection and analysis (in combination with Graylog2), Transparent Proxy Hosts for DMZ separation, Host Based Firewalls to augment the non-logging AWS firewalls/security groups, CIS (Center for Internet Security) Benchmark enforcement on standard AWS Linux AMIs, change tracking with SVN.
Speaker Bio: Tim Nolet is an infrastructure architect and continuous delivery consultant working for Xebia (www.xebia.com). Brought up on a steady diet of Java enterprise applications, he has helped his customers design, build and manage internet infrastructures in diverse areas of travel, retail, banking, energy and public services. Currently, he is on a mission to reap all the benefits of automated deployment and cloud engineering to deliver fast, safe and stable applications. Together with Amazon Web Services, Puppet plays a major role in this mission. Tim also smiles when you let him dive deep into performance, security and stability issues, or let him play guitar for a day.