Compliance as Code

Abstract

Compliance is an important part of IT systems. It is often performed only as a regular annual audit. The auditors pick up samples of data to check. They can’t check all the data.

Date
Location
Prague, Czech Republic

I went through classical audits, where you fill tens of excel sheets and then consult with internal audit what and how to improve etc. As SRE (Site Reliability Engineer) deals with monitoring and automation, there is also depriving people of manual work. I have seen how the problem is solved on a large scale (cloud providers). I have experience with Oracle Cloud Infrastructure (OCI) and Amazon Web Services (AWS). I’ll show you how to move from Excel to an automatic, near real-time compliance check solution. Proposed solution using Chef Inspec Framework.

Ladislav Prskavec
Software Engineer and SRE