InfraSec Practice
Infrastructure and security engineering (InfraSec) is the practice of building secure, robust systems that are foundational to having reliable applications and services. While infrastructure as code is a core area for this practice, it also involves system design, incident response, and a number of other fields.
Theoryβ
- InfraSec Practice Charter - How we think about the Truss InfraSec Practice.
- Good Infrastructure - A Philosophy β How we think about building good infrastructure.
- π InfraSec "Book" Club - Talk and Article Suggestions βΒ Talks and articles we π.
Practiceβ
- AWS β Our primary cloud provider.
- Terraform β Our primary infrastructure as code (IaC) tool.
- CI/CD at Truss β Guiding stars for building CI/CD, the Truss way.
- Ansible β For when we have to build non-container based images (e.g., AMIs).
Education recommendationsβ
Things to help you level up your skills.
Useful Repo Templatesβ
To get you up and running faster, we have created a few template repos. Please feel free to submit PRs and help us stay up to date!
Tutorialsβ
AWSβ
- Setting Up Your AWS User β How to set up your AWS user in the Truss internal infrastructure. You will need the assistance of someone with administrative privileges in our AWS organization to help you.
- Your First Lambda Function βΒ A guide to deploying your first AWS Lambda Function with Go and Terraform.
CI/CDβ
- Honeycomb CircleCi Metrics - How to add Honeycomb to CircleCi for build metrics.
Securityβ
- One-Time Passwords β How to set up one-time passwords for GitHub with 1Password.
- YubiKey Configuration Guide βΒ How to get and configure a YubiKey for use in commit signing.
- YubiKey SSO βΒ How to configure a Google Account to use YubiKey (for GSuite admins).