The tools for cloud native operations can cover many different areas, and the following list is by no means complete. The list simply reflects some of the most important and pivotal tools the authors have used or encountered in their projects.
For most developers, the thought of using email or any other chat-based service is a nonstarter. Slack represents a shift in the way teams communicate by bringing together human CND teams and bots to create a unified communications platform for making decisions, sharing progress, and operating systems (https://slack.com/).
The cfn-nag (https://github.com/stelligent/cfn_nag) tool looks for patterns in AWS CloudFormation templates that may indicate insecure infrastructure. Roughly speaking, it will look for the following:
- IAM rules that are too permissive (wildcards)
- Security group rules that are too permissive (wildcards)
- Access logs that aren't enabled
- Encryption that isn't enabled