Automate Compliance with AWS OpsWorks for Chef Automate

In an era of rapidly developing threats and continually evolving compliance frameworks, we need to be able to react quickly. The most successful organizations pursue continuous automation in three stages: detect, correct, and automate.

In a recent webinar, Mark Rambow, a Software Development Manager with Amazon Web Services and I demonstrated how to implement this three step process with AWS OpsWorks for Chef Automate. You can watch a recording of the webinar below.

Detect: Assess the state of your infrastructure to be able to identify missing patches or mis-configuration. This turns unknowns into knows that can be schedule accordingly. Chef Automate has built-in profile for CIS and DevSec benchmarks. Those enable you to see how well your infrastructure is doing.

Correct: Once the issues have been identified, we automate the correct solution via cookbooks.

Automate: By combining compliance automation with infrastructure automation, everything can be tested and verified before its put into production. Once it is tested, Chef Automate makes scaling beyond one node very easy.

In the webinar we walked through the following steps:

  • Setup AWS Opsworks for Chef Automate
  • Detect compliance issues on an existing AWS node and report to Chef Automate
  • Correct the setup with Chef cookbooks
  • Scale compliance reporting and server hardening in combination with AWS auto-scaling
  • Use custom InSpec profile to automate your in-house compliance requirements

Get hands-on and learn more

Author Christoph Hartmann