Newslurp

<< Stories

GitLab Duo Enterprise 🆕, Policy-as-Code in GKE ☁️, Outage Response Best Practices 📜

TLDR DevOps <dan@tldrnewsletter.com>

August 26, 11:05 am

TLDR DevOps
GitLab has launched the GitLab Duo Enterprise add-on, offering end-to-end AI capabilities across the entire software development lifecycle. 

TLDR

Together With Sonrai Security

TLDR DevOps 2024-08-26

Access 2024: A virtual summit on all things identity, access, and permissions (Sponsor)

There's no better way to learn than hearing practitioners talking shop. If you've got even a fleeting interest in security or cloud permissions management, you'll want to save your free spot at the upcoming Access Virtual Summit.

Join Sonrai Security and an exciting lineup of speakers from EY, AWS, and other top organizations, for a full day of sessions covering pressing industry issues:

→ Cloud permissions

→ IAM

→ Privilege escalation attacks

→ And more (see the full agenda)

If you register for free with just your business email, you'll gain access to all of the sessions — forever. Sign up now!

📱

News & Trends

Terraform AzureRM provider 4.0 adds provider-defined functions (2 minute read)

HashiCorp Terraform AzureRM provider 4.0 introduces provider-defined functions and improved resource provider registration, enhancing extensibility and user control. This major release also includes breaking changes, so users are advised to review the upgrade guide and pin their provider version.
GitLab Announces the General Availability of GitLab Duo Enterprise (4 minute read)

GitLab has launched the GitLab Duo Enterprise add-on, offering end-to-end AI capabilities across the entire software development lifecycle. GitLab was also recognized as a Leader in the 2024 Gartner Magic Quadrant for AI Code Assistants, highlighting its commitment to helping organizations develop secure software faster.
NIST's first post-quantum standards (6 minute read)

NIST has released post-quantum cryptography standards, marking a significant milestone in preparing global digital security for the quantum computing era.
🚀

Opinions & Tutorials

Implementing Policy-as-Code in GKE (11 minute read)

Automating security compliance through policy-as-code in Google Kubernetes Engine (GKE) is crucial for ensuring consistency and reducing errors. Tools like Open Policy Agent (OPA) and the Kubernetes policy controller streamline this automation, enabling real-time policy enforcement, scalability, and integration with CI/CD pipelines to enhance security and compliance.
Best Practices for Responding to a Major Outage (5 minute read)

During the CrowdStrike outage, IT teams used alert filtering, correlation, and enriched incident data to manage the flood of alerts and identify critical issues quickly. Post-event analysis and improved scalability efforts are essential for enhancing future incident response and system resilience.
🧑‍💻

Resources & Tools

How to build the ultimate dev team with supplemental development (Sponsor)

There comes a time when you need more developer firepower to tackle big projects or close knowledge gaps. But hiring full time isn't always the answer: the best organizations know when to grow in-house, and when to bring on skilled developers with external partners. Read the guide by Onsharp to learn how to strike the right balance.
Haystack (Website)

Haystack is an innovative IDE built on a canvas that simplifies coding by taking care of tedious tasks, allowing developers to navigate and refactor their code with ease while enhancing productivity and creativity.
YugabyteDB (GitHub Repo)

YugabyteDB is a powerful, cloud-native distributed SQL database that combines PostgreSQL compatibility with scalability, fault tolerance, and global distribution capabilities, making it ideal for mission-critical applications that require data consistency and high performance in cloud environments.
🎁

Miscellaneous

SSO and RBAC: a secure access strategy for your Kubernetes (7 minute read)

In the rapidly evolving realm of cloud-native computing, Kubernetes has become the leading choice for container orchestration. This article delves into securing your Kubernetes environment through Single Sign-On (SSO) and Resource-Based Access Control (RBAC), addressing the complexities of managing access across multiple clusters.
Putting a meaningful dent in your error backlog (3 minute read)

This article highlights the issue with bloated error tracking systems and proposes using "excluded behaviors" to effectively manage and reduce error backlogs. By systematically addressing and fixing specific categories of errors, such as deadlocks or network timeouts, teams can incrementally improve system reliability and make troubleshooting easier, leading to a more stable and predictable system.

Quick Links

'Grafana's Big Tent' podcast: Season 2 is here! (17 minute read)

Grafana has launched a new season of its podcast on the topic of caching, discussing its various levels, implementation strategies, and how it can significantly boost the performance of high-traffic, distributed systems.
How 1 Exposed Honeywell API Gave Us Control Over an Internal Engineering System (4 minute read)

Discover how a single exposed API endpoint led to full control over Honeywell's internal engineering system, highlighting the critical importance of comprehensive API security measures in today's digital landscape.
Linux Pipes are Slow (8 minute read)

This article discusses optimizing Linux pipe transfers using the vmsplice system call, which significantly boosts data transfer speeds by avoiding data copying to kernel space.

Love TLDR? Tell your friends and get rewards!

Share your referral link below with friends to get free TLDR swag!
https://refer.tldr.tech/fc7198a6/10
Track your referrals here.

Want to advertise in TLDR? 📰

If your company is interested in reaching an audience of devops professionals and decision makers, you may want to advertise with us.

If you have any comments or feedback, just respond to this email!

Thanks for reading,
Kunal Desai & Martin Hauskrecht


If you don't want to receive future editions of TLDR DevOps, please unsubscribe from TLDR DevOps or manage all of your TLDR newsletter subscriptions.