List of videos

In this talk we will focus on four critical security controls that will be integrated as part of the CI/CD pipeline: static application security (SAST), dependency check (SCA), infrastructure as code (IaC) and dynamic application security (DAST). Anything from your Terraform deletes to code vulnerabilities, infrastructure misconfigurations and more can be operationalized and enforced through OPA and ArgoCD or even other GitOps methods and CI tools like Github Actions. Code examples will be showcased as part of this session. Open Policy Agent has become a very popular project in the Kubernetes ecosystem for finer-grained policy management and enforcement. OPA comes with a very convenient dev-friendly language called Rego that can be leveraged as a unified way to manage any deployment changes at scale. In this talk we will focus on four critical security controls that will be integrated as part of the CI/CD pipeline: static application security (SAST), dependency check (SCA), infrastructure as code (IaC) and dynamic application security (DAST). Anything from your Terraform deletes to code vulnerabilities, infrastructure misconfigurations and more can be operationalized and enforced through OPA and ArgoCD. Code examples will be showcased as part of this session. Other talks at this conference 🚀🪐 https://www.conf42.com/cloud2022 — 0:00 Intro 1:27 Talk

Salesforce Functions (https://developer.salesforce.com/docs/platform/functions/overview) help you deliver scalable experiences thanks to the power of elastic compute and open language flexibility. In this session I will explain: - How we've implemented salesforce functions making use of popular open source technologies - How functions are written in node or java (for now), how they can be invoked from Salesforce, and how it can interact with Salesforce data seamleassly - The tooling that we have created to work with Functions (a CLI to run them locally, deploy them, etc.). Everything from a practical approach showing code / running demos. Other talks at this conference 🚀🪐 https://www.conf42.com/cloud2022 — 0:00 Intro 1:27 Talk

Karpenter is a cluster autoscaling solution for Kubernetes cluster. Karpenter uses effective way to autoscale the capacity by interacting directly with the cloud providers computing services to provision capacity for the kubernetes cluster. In this talk, I will discuss how to use Karpenter to scale up and down Kubernetes clusters. Other talks at this conference 🚀🪐 https://www.conf42.com​/cloud2022 — 0:00 Intro 1:27 Talk

In this session I will get you started with real-time cloud native streaming programming with Java, Golang, Python and Apache NiFi. I will start off with an introduction to Apache Pulsar and setting up your first easy standalone cluster in docker. We will then go into terms and architecture so you have an idea of what is going on with your events. I will then show you how to produce and consume messages to and from Pulsar topics. As well as using some of the command line and REST interfaces to monitor, manage and do CRUD on things like tenants, namespaces and topics. We will discuss Functions, Sinks, Sources, Pulsar SQL, Flink SQL and Spark SQL interfaces. We also discuss why you may want to add protocols such as MoP (MQTT), AoP (AMQP/RabbitMQ) or KoP (Kafka) to your cluster. We will also look at WebSockets as a producer and consumer. I will demonstrate a simple web page that sends and receives Pulsar messages with basic JavaScript. After this session you will be able to build simple real-time streaming and messaging applications with your chosen language or tool of your choice. Other talks at this conference 🚀🪐 https://www.conf42.com​/cloud2022 — 0:00 Intro 1:27 Talk

You’ve moved to the cloud-native space. You now have multiple Kubernetes and/or OpenShift clusters, possibly spread around various clouds, and it’s gotten legit unruly. Don’t worry; I’m here to help and give you the tools to help wrangle your clusters so you can focus on building for the business instead of fighting infrastructure. Leveraging GitOps and the principles around a mash-up of traditional infrastructure management and software development practices creates an auditable/accountable/enforceable way to interface with your fleet. In this talk, I’ll be walking through (a strong possibility of your situation) why GitOps has become the de facto way to maintain your cluster(s), advantages and struggles going down this path, and strong suggestions on “fastest time to dopamine” paths. You should know that you can take bits and pieces from this talk and build this up piecemeal, but the sooner you leverage this, the sooner you can start focusing on what makes your business win instead of losing time with administration. Other talks at this conference 🚀🪐 https://www.conf42.com​/cloud2022 — 0:00 Intro 1:27 Talk

Terraform is a GREAT tool, but like a lot of other things in life, it has its pitfalls and bad practices. Since you are working with Terraform, you probably went through its documentation, which can tell you what resources can be used - BUT do you always have a clear path towards using these resources? How should modules be constructed? What should we call these modules? How should you structure your Terraform code in general? In this talk, I’ll cover the good, the bad, and the ugly when it comes to Terraform. I will show best practices for working with Terraform that were put together with a lot of blood, sweat, and tears, so you’ll ultimately have a go-to approach and a paved way of working with Terraform, whether it’s an existing codebase or a new functionality altogether. Other talks at this conference 🚀🪐 https://www.conf42.com/cloud2022 — 0:00 Intro 1:27 Talk

Lifting and shifting applications into the cloud, even monolithic apps, requires minimal to no changes to the application architecture and is straight forward. Once rehosted in the cloud, modernizing a monolith into a microservices based architecture is a natural next step. It helps teams with agility but requires a methodical approach to minimize risk of disruptions to the business. In this session, I cover how to modernize a monolithic application into a microservices-based architecture in AWS. I apply the strangler fig pattern using AWS Migration Hub Refactor Spaces to chip away at the monolith iteratively and demonstrate step by step how to move a sample Spring Boot Java application into microservices built on AWS serverless components. The session is targeted for cloud teams who are looking to modernize their monolithic application stacks rehosted on AWS including those in regulated industries where security and reliability are critical such as Financial Services and Healthcare. Other talks at this conference 🚀🪐 https://www.conf42.com/cloud2022 — 0:00 Intro 1:27 Talk

In their cloud security report last year Gartner states: “Through 2025, more than 99% of cloud breaches will have a root cause of preventable misconfigurations or mistakes by end users.” This statement is one of many affirmations that emphasizes the importance of data resides in the cloud. Yet, while we migrate to cloud environments, we scrutinize the infrastructure; we secure the virtual permitter, workloads, and other assets. We do, however, tend to forget about the security posture of our crown jowl, our data. In this session we present, “ Snapshot”, a patent-pending technology that provides cloud data security posture. This free agentless solution leverages cloud databases snapshot functionality and allows cloud operators to receive thorough insights of their data stored in the cloud. To demonstrate the magnitude of the data exposure issue we will present recent research we conducted by automating the “Snapshot” technology. The research leverages a minor users’ misconfiguration on one of the leading public cloud vendors and exposes significant number of data & sensitive records over dozens of cloud accounts. We will present how we automate the process, what insights we accomplished from the research and reflect on our responsive disclosure process to the vendor. Other talks at this conference 🚀🪐 https://www.conf42.com/cloud2022 — 0:00 Intro 1:27 Talk

As the most popular open source relational database in the world, PostgreSQL keeps attracting the significant attention it deserves. With the ever increasing data storage and query requirements, new challenges are brought forward for horizontal elastic expansion and security of the PostgreSQL database. How to provide existing PostgreSQL databases with incremental capabilities such as data sharding, data encryption and other functions is of great concern to many PostgreSQL users. This will focus on introducing how to empower PostgreSQL thanks to the ecosystem provided by Apache ShardingSphere - an open source distributed database, plus an ecosystem users and developers need for their database to provide a customized and cloud-native experience. ShardingSphere doesn't quite fit into the usual industry mold of a simple distributed database middleware solution. ShardingSphere recreates the distributed pluggable system, enabling actual user implementation scenarios to thrive and contributing valuable solutions to the community and the database industry. The aim of ShardingSphere is the Database Plus concept. Database Plus sets out to build a standard layer and an ecosystem layer above the fragmented database's basic services. A unified and standardized database usage specification provides for upper-level applications, and the challenges faced by businesses due to underlying databases fragmentation get minimized as much as possible. To link databases and applications, it uses traffic and data rendering and parsing. It provides users with enhanced core features, such as a distributed database, data security, database gateway, and stress testing. ShardingSphere uses a pluggable kernel architecture for Database Plus. That means there's modularity, which provides flexibility for the user. Demos and notable use cases in production environments that are from the Asia equivalents of FAANG (Facebook, Amazon etc.) will be used to introduce the use and implementation of these functions for PostgreSQL databases. Other talks at this conference 🚀🪐 https://www.conf42.com/cloud2022 — 0:00 Intro 1:27 Talk