Publication

Abstract :

The security challenges posed by Infrastructure as code (IaC) are outgrowing established security procedures in an era of rapidly adopting cloud computing and DevOps methodologies. Using security principles to be integrated into the CI/CD pipeline for continuous validation and remediation, this research work proposes a DevSecOps approach to enable cloud environment IaC security. The proposed architecture evaluates CloudFormation Template file to the specified security policy by utilizing Open Policy Agent (OPA). Any violations are flagged by OPA, which may force the deployment process to stop. By incorporating security and compliance considerations into the development pipeline, this method guarantees that vulnerabilities are kept out of production systems. Organizations can improve the overall security posture of their cloud systems by proactively identifying and remediating security problems by implementing a DevSecOps approach. By ensuring that IaC deployments adhere to specified security policies based on the compliance requirements, OPA's continuous security validation reduces the possibility of misconfigurations and security flaws.