Scribd Logo
Upload

Welcome to Scribd!

  • DevSecOps Gap

    Uploaded by

    Demetrio Barrozo Dela Rosa Jr.
    21 views8 pages
    This document outlines several DevOps initiatives to improve security, monitoring, and cleanup of Azure resources. It discusses plans to delete unused resources like ACR images, blobs, databases and dashboards. It also describes pending migrations of applications to AKS and plans to implement GitOps practices for infrastructure as code. Monitoring and alerting of Azure services and AKS is to be set up using Grafana. Security of existing AKS clusters will be improved by addressing policy issues and enabling SSL and logging.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document outlines several DevOps initiatives to improve security, monitoring, and cleanup of Azure resources. It discusses plans to delete unused resources like ACR images, blobs, databases and dashboards. It also describes pending migrations of applications to AKS and plans to implement GitOps practices for infrastructure as code. Monitoring and alerting of Azure services and AKS is to be set up using Grafana. Security of existing AKS clusters will be improved by addressing policy issues and enabling SSL and logging.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    21 views8 pages

    DevSecOps Gap

    Uploaded by

    Demetrio Barrozo Dela Rosa Jr.
    This document outlines several DevOps initiatives to improve security, monitoring, and cleanup of Azure resources. It discusses plans to delete unused resources like ACR images, blobs, databases and dashboards. It also describes pending migrations of applications to AKS and plans to implement GitOps practices for infrastructure as code. Monitoring and alerting of Azure services and AKS is to be set up using Grafana. Security of existing AKS clusters will be improved by addressing policy issues and enabling SSL and logging.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 8

    PLEASE INSERT CLASSIFICATION HERE

    Current DevSecOps Gap


    PLEASE INSERT CLASSIFICATION HERE

    Cleanup’s

    Resource Action
    ACR’s We have lot of unused images & ACR Registries, We need to backtrack it through apps & pipelines and delete the unwanted

    Blobs & Key Vaults Need to archive the contents from unused Blob Storage & KVs to delete it

    Databases Need to delete the Non Vnet databases (Except production – Util Power BI SFTP Migration)

    VNet Delete all the unused VNets

    Azure Dashboards, Alerts Delete all the unused azure dashboards, alerts and app insights
    & App Insights
    Snyk Delete all the unused projects

    Sonar Delete all the unused projects

    Express Grid – Development updates | September 2021 2


    PLEASE INSERT CLASSIFICATION HERE

    AKS Pending Migrations


    App Status
    Chat Central Yet to Migrate

    External Service API In Progress

    COI Yet to Migrate

    Sync Service Yet to Migrate

    ESMS Yet to Migrate

    Express Grid – Development updates | September 2021 3


    PLEASE INSERT CLASSIFICATION HERE

    Decomm

    BBX Yet to Start

    Explore Yet to Start

    Meta Yet to Start

    Express Grid – Development updates | September 2021 4


    PLEASE INSERT CLASSIFICATION HERE

    AKS GitOps
    Objective
    • Leverage on GitOps practices to maintain aks infra as code & change the configurations according to the project
    • Decouple the current pipeline into smaller and manageable chunks for easy onboarding of new projects and to maintain long term
    basis. This also eliminates the huge set of variables that we use in pipelines

    Scope of Work

    • Create New Prod AKS Cluster in Basic Subscription & in ITS Azure Connect Subscription
    • Design a GitOps deployment Model & Apply in both the cluster. The Model includes
    • Have Deployment yaml’s as part of Git Repo
    • Do Image Building & SAST in Azure DevOps
    • Use Argo CD for Deployment
    • Find a way to Update APIM

    Express Grid – Development updates | September 2021 5


    PLEASE INSERT CLASSIFICATION HERE

    AKS & Azure Monitoring


    Objective
    • Setup Monitoring & Alerting for Azure Components & AKS

    Scope of Work

    • Setup Grafana Cloud Monitoring on new AKS instances


    • Setup Alerts & Alerts Routing based on dev teams
    • Explore FE monitoring using Faro
    • Setup Monitoring for Azure Databases on Grafana
    • Explore K6 API Testing

    Express Grid – Development updates | September 2021 6


    PLEASE INSERT CLASSIFICATION HERE

    AKS Security
    Objective
    • Improve the security of AKS

    Scope of Work

    • Fix the current Azure Policy Issues & analyze how much of Open Policy & Gatekeeper feature are covered in AKS
    • Implement SSL for Ingress Controller
    • Enable Admin & Operator event logging

    Express Grid – Development updates | September 2021 7


    PLEASE INSERT CLASSIFICATION HERE

    THANK YOU

    You might also like