Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Dec 02 12:45
    sonarcloud[bot] commented #700
  • Dec 02 12:34
    akashpaladin review_requested #700
  • Dec 02 12:34
    akashpaladin review_requested #700
  • Dec 02 12:34
    akashpaladin opened #700
  • Dec 02 12:31

    akashpaladin on aws-iam-credential-report-rules

    feat: Policies related to Crede… (compare)

  • Dec 02 12:10
    sonarcloud[bot] commented #699
  • Dec 02 12:02
    sonarcloud[bot] commented #698
  • Dec 02 11:58
    sidharthjain-zemoso opened #699
  • Dec 02 11:58
    sidharthjain-zemoso review_requested #699
  • Dec 02 11:56

    sidharthjain-zemoso on bugs

    fix: fixed breadcrumb model, cl… (compare)

  • Dec 02 11:49
    sidharthjain-zemoso review_requested #698
  • Dec 02 11:49
    sidharthjain-zemoso review_requested #698
  • Dec 02 11:49
    sidharthjain-zemoso review_requested #698
  • Dec 02 11:49
    sidharthjain-zemoso opened #698
  • Dec 02 11:47

    sidharthjain-zemoso on bugs

    fix: fixed breadcrumb model, cl… (compare)

  • Dec 02 06:26
    sonarcloud[bot] commented #697
  • Dec 02 06:13
    kushZemoso review_requested #697
  • Dec 02 06:12
    kushZemoso review_requested #697
  • Dec 02 06:12
    kushZemoso edited #697
  • Dec 02 06:12
    kushZemoso edited #697
Steve Hull
@Steve-Hull
@c.amreth_gitlab welcome to our community
@devsatishm welcome to our community
Ram Gopinathan
@rprakashg
Congrats on the announcement
Check out the policy enforcement engines like kyverno, OPA gatekeeper. I'm seeing more customers preferring use of one of these engines for Policy Enforcement
also something I wished Pacbot had provided during my time at t-mobile which was tools I can use to integrate within a CICD pipeline so I can check from my automation pipeline to see if resources I'm deploying to my cloud environments will be compliant or not
Daniel Deeney
@ddeeney0795x
Ram - thanks, good thoughts on the PE engines and CICD pipeline integration!
1 reply
Ram Gopinathan
@rprakashg
Regarding remediation you are probably going to want to give customers choice here as well ansible automation platform would be the first thing I'd tackle
other thought I wanted to share is if you start going deeper into the stack for ex. Kubernetes you will be competing with some products out there, be very mindful of the investments you would make here because of following reasons, complexity, cost, returns etc... compared to alternative solutions
one other benefit with tackling Ansible automation platform integration is that you could probably get lot of PR/Plug from Red Hat too
Ecosystem and partners would definitely be critical for success
How your products plays with others, like swappable blocks in a lego
Ram Gopinathan
@rprakashg
BTW Damn good to see some of my old friends here. I'm super happy that you all are doing so well. Hope to catch up some time
1 reply
What's the next big milestone for you guys? I'd like to see the control plane running on Kubernetes with some DB (Working a lot with Postgresql and cockroach DB lately on K8s) instead of native cloud services
Ram Gopinathan
@rprakashg
Another thing I'd like to see is Policy enforcement based on tags. For ex. You may have specific policies for production environments that you only want to apply to any resource with tag environment=production
Something like this -> Policy document + Enforcement rule + binding record to enforcement rules.
Ram Gopinathan
@rprakashg
This way everything is nicely decoupled, enforcement engine must be able to take the above three things as inputs and do the policy enforcement
Current Architecture/Design definitely needs to change, all of the enforcement logic is baked into code and any change to policy doc or enforcement rules requires redeployment which I don't really like. Back then when it was built it was probably good enough but now it definitely can and needs to be improved
Steve Hull
@Steve-Hull
Welcome Ram, good to see to see you again. All great thoughts, I will make sure all are in the backlog. We are currently cleaning up a few launch tasks and doing Q3 planning. Will publish our Aug 22 plan next week for visibility, keep the ideas coming.
Kamal Kumar
@kaykumar
@rprakashg towards my end of tmo tenure, I was working on integrating checkov (https://github.com/bridgecrewio/checkov) for the CICD pipeline integration , @Steve-Hull you can advise the team to look at that.
Steve Hull
@Steve-Hull
thanks @kaykumar
Ram Gopinathan
@rprakashg
@kaykumar Is it really enforcing the policies stored in pacbot at build time? The idea with pipeline tools is that the developers get feedback at build time of that infrastructure in cloud rather than after its deployed in production. Basically shift left. it sounds like an checkov is an SCA tools for IAC similar to sonarqube for code
Kamal Kumar
@kaykumar
@rprakashg not really at the time I left tmo, however we thought we will start with policies which can execute using checkov as execution engine and later go toward build time enforcement with all the policies.
Steve Hull
@Steve-Hull
Subbu-PaladinCloud
@Subbu-PaladinCloud
Team, Happy to share our 1.2.0 Release update : https://github.com/PaladinCloud/CE/releases/tag/1.2.0
Subbu-PaladinCloud
@Subbu-PaladinCloud
Team, we have an updated version available (1.3.0) , please see the release notes here : https://github.com/PaladinCloud/CE/releases/tag/1.3.0
Subbu-PaladinCloud
@Subbu-PaladinCloud
Team, we have are happy to announce our new Release ( 1.4.0) , refer to the release note here ( https://github.com/PaladinCloud/CE/releases/tag/1.4.0)
manasm
@manasm:matrix.org
[m]
Hi can anyone help me I am stuck with an issue in Paladium setup?
Subbu-PaladinCloud
@Subbu-PaladinCloud
Hi @manasm, thanks for trying Paladin
can you please provide more information on what you tried out ?
Alternatively, you can also open an issue on our Github with details
sohamlawar1994
@sohamlawar1994:matrix.org
[m]
Hi,
Despite of setup being complete, I am not able to access the Paladin Cloud from the browser of my local system
For more details -
PaladinCloud/CE#551
I request you to check this.
Thanks.
Subbu-PaladinCloud
@Subbu-PaladinCloud
Thanks we will do
1 reply
sohamlawar1994
@sohamlawar1994:matrix.org
[m]
Hello,
Does Paladin Cloud have the ability to monitor Azure Functions?
Subbu-PaladinCloud
@Subbu-PaladinCloud
Hi @sohamlawar1994:matrix.org , I think we started working with you in the issue list.. but this question was missed out.. yes we do have policies for Azure Function Apps.
Team, we released our latest version ( 1.5.0) over 10 days back , refer to the release note here ( https://github.com/PaladinCloud/CE/releases/tag/1.5.0)
Subbu-PaladinCloud
@Subbu-PaladinCloud
Team, Happy to announce our 1.5.1 release, please check out the release notes here : https://github.com/PaladinCloud/CE/releases/tag/1.5.1