
Cloud Custodian Goes Beyond The Cloud To Bring Governance As Code To Kubernetes And IaC

  • aster.cloud
  • October 31, 2022

This week the Cloud Custodian project, part of the CNCF incubator, added a Kubernetes admission controller for easy event-driven policy management within your cluster. The project also added support for running policies against HashiCorp’s Terraform. With these additions, Cloud Custodian represents a single tool that enables comprehensive, frictionless governance for cloud-native infrastructure, including infrastructure as code (IaC), cluster, and cloud environments. The project reduces the operational complexity of learning and implementing multiple tools and workflows.

Cloud Custodian: The De Facto Standard for Public Cloud Governance

Cloud Custodian is a leading governance-as-code tool. With the tool, organizations can use code to manage and automate the enforcement of policies for cloud cost optimization, security, compliance, and operations—without hindering developer velocity. Over the past few years, Cloud Custodian has become the de facto standard for public cloud governance. Thousands of organizations now rely upon the tool, including Capital One, Code 42, Grupo, HBO Max, Intuit Inc, JP Morgan Chase & Co, Siemens, Premise Data, and Zapier.



Cloud Custodian is a lightweight tool that leverages a simple, domain-specific language for policy authoring. Consequently, policies can easily be created, used, and modified by a range of teams, including development, operations, and security. Notifications and remediation actions can be incorporated into policies. Cloud Custodian integrates tightly with serverless runtimes to provide real-time remediation and response while minimizing operational overhead.

Cloud Custodian’s Simple Declarative Language and Experience Extend to Kubernetes Clusters

Cloud Custodian now brings the same experience, vocabulary, and ergonomics to enforcing policies in Kubernetes environments. Using the same language and tool, teams can establish automated detection and remediation in their Kubernetes clusters.


“Kubernetes adoption has rapidly grown within organizations and is moving beyond pilot projects,” said Sonny Shi, a Cloud Custodian maintainer and Staff Engineer at Stacklet. “We have had various requests from users within the community for Kubernetes support. Teams want to use Cloud Custodian for similar things in Kubernetes, such as enforcing labeling rules and regulatory compliance standards on their clusters. To meet these needs, we have added support for Kubernetes. These capabilities feature a familiar policy language and documentation, so it’s ready to use from day one.”

“Cloud Custodian has helped us enforce security guardrails while enabling our developers to innovate more quickly in the public cloud,” said Mrunal Shah, cloud native security leader at HBO Max. “I am excited to try Cloud Custodian for Kubernetes. Cloud Custodian’s YAML-based language is straightforward. These capabilities can simplify policy enforcement in Kubernetes, and reduce the number of tools we use to secure our cloud native infrastructure.”

Cloud Custodian Enables Proactive Policy Enforcement Against Terraform Code

More and more organizations are using infrastructure as code (IaC) tools, such as HashiCorp Terraform, to automate the deployment and provisioning of their cloud infrastructure. Given that IaC source code and templates essentially define your cloud infrastructure, it is critical to ensure they comply with your organizational policies.

Cloud Custodian users can now validate that their IaC code complies with policies. This effectively enables teams to shift policy validation left. Teams can verify that IaC code adheres to corporate cloud policy before that code is employed to provision cloud infrastructure. Developers can also use this capability to “test” their IaC implementation. In the latest release, Cloud Custodian adds support for HashiCorp’s Terraform language, and there are plans to add support for other languages in the future.


“Cloud Custodian enables you to check cloud deployments against policy and remedy policy violations,” said Kapil Thangavelu, Cloud Custodian creator and maintainer and CTO at Stacklet. “With the tool’s new shift-left capabilities, teams can run policy validation earlier and fix issues at the source. All these additional capabilities enable you to use the same language, tools, and workflows to enforce governance of your entire cloud native infrastructure.”

 

 

By Cloud Custodian maintainers
Source CNCF

