Professional Documents
Culture Documents
DevSecOps Gap
DevSecOps Gap
Cleanup’s
Resource Action
ACR’s We have lot of unused images & ACR Registries, We need to backtrack it through apps & pipelines and delete the unwanted
Blobs & Key Vaults Need to archive the contents from unused Blob Storage & KVs to delete it
Databases Need to delete the Non Vnet databases (Except production – Util Power BI SFTP Migration)
Azure Dashboards, Alerts Delete all the unused azure dashboards, alerts and app insights
& App Insights
Snyk Delete all the unused projects
Decomm
AKS GitOps
Objective
• Leverage on GitOps practices to maintain aks infra as code & change the configurations according to the project
• Decouple the current pipeline into smaller and manageable chunks for easy onboarding of new projects and to maintain long term
basis. This also eliminates the huge set of variables that we use in pipelines
Scope of Work
• Create New Prod AKS Cluster in Basic Subscription & in ITS Azure Connect Subscription
• Design a GitOps deployment Model & Apply in both the cluster. The Model includes
• Have Deployment yaml’s as part of Git Repo
• Do Image Building & SAST in Azure DevOps
• Use Argo CD for Deployment
• Find a way to Update APIM
Scope of Work
AKS Security
Objective
• Improve the security of AKS
Scope of Work
• Fix the current Azure Policy Issues & analyze how much of Open Policy & Gatekeeper feature are covered in AKS
• Implement SSL for Ingress Controller
• Enable Admin & Operator event logging
THANK YOU