Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Multi-Cloud Strategy for Cloud Architects

You're reading from   Multi-Cloud Strategy for Cloud Architects Learn how to adopt and manage public clouds by leveraging BaseOps, FinOps, and DevSecOps

Arrow left icon
Product type Paperback
Published in Apr 2023
Publisher Packt
ISBN-13 9781804616734
Length 470 pages
Edition 2nd Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Jeroen Mulder Jeroen Mulder
Author Profile Icon Jeroen Mulder
Jeroen Mulder
Arrow right icon
View More author details
Toc

Table of Contents (23) Chapters Close

Preface 1. Introduction to Multi-Cloud FREE CHAPTER 2. Collecting Business Requirements 3. Starting the Multi-Cloud Journey 4. Service Designs for Multi-Cloud 5. Managing the Enterprise Cloud Architecture 6. Controlling the Foundation Using Well-Architected Frameworks 7. Designing Applications for Multi-Cloud 8. Creating a Foundation for Data Platforms 9. Creating a Foundation for IoT 10. Managing Costs with FinOps 11. Maturing FinOps 12. Cost Modeling in the Cloud 13. Implementing DevSecOps 14. Defining Security Policies 15. Implementing Identity and Access Management 16. Defining Security Policies for Data 17. Implementing and Integrating Security Monitoring 18. Developing for Multi-Cloud with DevOps and DevSecOps 19. Introducing AIOps and GreenOps in Multi-Cloud 20. Conclusion: The Future of Multi-Cloud 21. Other Books You May Enjoy
22. Index

Understanding the need for DevSecOps

Before we dive into the layers of DevSecOps, it’s good to understand why DevSecOps is important in multi-cloud. First, we must understand the layers of securing the cloud. There are four layers to be considered:

  1. Organizational level, or the overarching governance
  2. Enterprise level, ensuring the security across accounts, auditing centralized compliance through monitoring and logging, and promoting automation
  3. Subscription level, using Role-Based Access Control (RBAC), threat detection, and in-depth defense
  4. Solution level, using CI/CD with validated templates, blueprints, and images

We must define security at all levels. The following diagram shows all levels of defense in the cloud.

Figure 13.1: Levels of security in application stacks

The top of the stack is formed by the application payloads. In multi-cloud, enterprises will likely use containers and CI/CD pipelines. With multi-cloud, enterprises...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime