
Cloud Custodian Goes Beyond The Cloud To Bring Governance As Code To Kubernetes And IaC

  • October 31, 2022

This week the Cloud Custodian project, part of the CNCF incubator, added a Kubernetes admission controller for easy event-driven policy management within your cluster. The project also added support for running policies against HashiCorp’s Terraform. With these additions, Cloud Custodian represents a single tool that enables comprehensive, frictionless governance for cloud-native infrastructure, including infrastructure as code (IaC), cluster, and cloud environments. The project reduces the operational complexity of learning and implementing multiple tools and workflows.

Cloud Custodian: The De Facto Standard for Public Cloud Governance

Cloud Custodian is a leading governance-as-code tool. With the tool, organizations can use code to manage and automate the enforcement of policies for cloud cost optimization, security, compliance, and operations, without hindering developer velocity. Over the past few years, Cloud Custodian has become the de facto standard for public cloud governance. Thousands of organizations now rely upon the tool, including Capital One, Code 42, Grupo, HBO Max, Intuit Inc, JP Morgan Chase & Co, Siemens, Premise Data, and Zapier.



Cloud Custodian is a lightweight tool that leverages a simple, domain-specific language for policy authoring. Consequently, policies can easily be created, used, and modified by a range of teams, including development, operations, and security. Notifications and remediation actions can be incorporated into policies. Cloud Custodian integrates tightly with serverless runtimes to provide real-time remediation and response while minimizing operational overhead.

Cloud Custodian’s Simple Declarative Language and Experience Extend to Kubernetes Clusters

Cloud Custodian now brings the same experience, vocabulary, and ergonomics to enforcing policies in Kubernetes environments. Using the same language and tool, teams can establish automated detection and remediation in their Kubernetes clusters.


“Kubernetes adoption has rapidly grown within organizations and is moving beyond pilot projects,” said Sonny Shi, a Cloud Custodian maintainer and Staff Engineer at Stacklet. “We have had various requests from users within the community for Kubernetes support. Teams want to use Cloud Custodian for similar things in Kubernetes, such as enforcing labeling rules and regulatory compliance standards on their clusters. To meet these needs, we have added support for Kubernetes. These capabilities feature a familiar policy language and documentation, so it’s ready to use from day one.”

“Cloud Custodian has helped us enforce security guardrails while enabling our developers to innovate more quickly in the public cloud,” said Mrunal Shah, cloud native security leader at HBO Max. “I am excited to try Cloud Custodian for Kubernetes. Cloud Custodian’s YAML-based language is straightforward. These capabilities can simplify policy enforcement in Kubernetes, and reduce the number of tools we use to secure our cloud native infrastructure.”

Cloud Custodian Enables Proactive Policy Enforcement Against Terraform Code

More and more organizations are using infrastructure as code (IaC) tools, such as HashiCorp Terraform, to automate the deployment and provisioning of their cloud infrastructure. Given that IaC source code and templates essentially define your cloud infrastructure, it is critical to ensure they comply with your organizational policies.

Cloud Custodian users can now validate that their IaC code complies with policies. This effectively enables teams to shift policy validation left. Teams can verify that IaC code adheres to corporate cloud policy before that code is employed to provision cloud infrastructure. Developers can also use this capability to “test” their IaC implementation. In the latest release, Cloud Custodian adds support for HashiCorp’s Terraform language, and there are plans to add support for other languages in the future.


“Cloud Custodian enables you to check cloud deployments against policy and remedy policy violations,” said Kapil Thangavelu, Cloud Custodian creator and maintainer and CTO at Stacklet. “With the tool’s new shift-left capabilities, teams can run policy validation earlier and fix issues at the source. All these additional capabilities enable you to use the same language, tools, and workflows to enforce governance of your entire cloud native infrastructure.”

 

 

By Cloud Custodian maintainers
Source CNCF

