Infrastructure and security engineering (InfraSec) is the practice of building secure, robust systems that are foundational to having reliable applications and services. While infrastructure as code is a core area for this practice, it also involves system design, incident response, and a number of other fields.
- InfraSec Practice Charter - How we think about the Truss InfraSec Practice.
- Good Infrastructure - A Philosophy — How we think about building good infrastructure.
- 🔒 InfraSec "Book" Club - Talk and Article Suggestions — Talks and articles we 💖.
- AWS — Our primary cloud provider.
- Terraform — Our primary infrastructure as code (IaC) tool.
- CI/CD at Truss — Guiding stars for building CI/CD, the Truss way.
- Ansible — For when we have to build non-container based images (e.g., AMIs).
Things to help you level up your skills.
Useful Repo Templates
To get you up and running faster, we have created a few template repos. Please feel free to submit PRs and help us stay up to date!
- Setting Up Your AWS User — How to set up your AWS user in the Truss internal infrastructure. You will need the assistance of someone with administrative privileges in our AWS organization to help you.
- Your First Lambda Function — A guide to deploying your first AWS Lambda Function with Go and Terraform.
- Honeycomb CircleCi Metrics - How to add Honeycomb to CircleCi for build metrics.
- One-Time Passwords — How to set up one-time passwords for GitHub with 1Password.
- YubiKey Configuration Guide — How to get and configure a YubiKey for use in commit signing.
- YubiKey SSO — How to configure a Google Account to use YubiKey (for GSuite admins).