Securing your applications by building an standardized OS image.
Ahoy there! I have been working in IT for around 10 years and never feel more satisfied of a project than working in the Apptio Base AMI. This project had me to get a release process that will output an secured O.S. image for AWS, seemed simple but then started to get complicated... I gave this talk on Hashitalks 2020: https://www.hashicorp.com/resources/using-an-image-release-process-for-security-wins , which lead me to write all of this into a blog post. I was supposed to give the same talk in Devops Days Seattle, but it got canceled because of the virus. Why should we even think on a custom O.S. image? Well there are several reasons to get this process in place, I.E. Faster application deployment by pre-doing a lot of the deployment process ahead of time. Secured images by patching it, removing unwanted programs, ACL's, Kernel updates. Make your application to be more consistent by being in control of the OS environment they will run on. Threat your images as
