Virtually every discussion of the cloud both praises and critiques the very thing that makes the likes of AWS, Azure, and GCP so revolutionary: Convenience.
For the sectors of tech subject to rigorous regulation and compliance, developers often find themselves writing ad-hoc scripts in order to meet security standards. However, as TechRepublic points out, these scattered bits of code quickly become unwieldy and unruly.
The result is a system that is difficult to audit, monitor, and operationalize. This is not only a budget nightmare but a security hazard.
Cloud Custodian is an open source project that addresses the challenges of modern cloud governance with a Policy as Code solution that empowers remediation and automation. Cloud Custodian’s Policy as Code language is easy for IT and security admins to use because it is high order, YAML-based, and leverages a domain-specific language (DSL) where the domain is public cloud resource information. Cloud Custodian began development in 2016 and swiftly amassed adopters and contributors.
Spearheaded by Kapil Thangavelu, the creator and lead maintainer for Cloud Custodian, Stacklet takes Cloud Custodian one step further by synthesizing the capabilities of Cloud Custodian into a cloud governance platform.