Talked #compliance, the #EUCS and #OPA at #Google in #Stockholm this evening. A surprising amount of people attending actually gave a fuck.

It's hot outside, but you know what's even hotter? The #CloudNative meetup taking place at the Google office in #Stockholm this evening. I'll be talking about how to translate "real" policy, like the upcoming #EUCS framework into #PolicyAsCode using #OpenPolicyAgent and #Rego. Also, my buddy Abdel to present on ambient service mesh and #Istio. Good times!

https://community.cncf.io/events/details/cncf-stockholm-presents-stockholm-cloud-native-community-group-june-2023-meetup/

#CloudNativeNordics #CNCF #DevOps #DevSecOps #Code

My #KubeCon talk from Amsterdam a few weeks ago is now up on YouTube! The #EUCS — a compliance certification scheme for service providers in the cloud — is on its way, and will have a big impact on how organizations work with #security, #compliance and #automation. A holistic framework like the EUCS provides #policy controls applicable to the whole stack. How would we codify and enforce such rules?

#OPA #PolicyAsCode #Rego #OSCAL @enisa_eu

https://www.youtube.com/watch?v=XoWf4QcSbDw

15:25 today at #KubeCon, I’ll talk about the upcoming #EUCS scheme for cloud service providers, and how #OpenPolicyAgent and other #CloudNative technologies can help solve #compliance and certification challenges across organizations. Join in, it’ll be fun!

https://kccnceu2023.sched.com/event/1HyW6

Studying the #EUCS framework pending my upcoming talk on the topic at #KubeCon in two weeks. Some of the rules around #identity and #IAM seem rather dubious to me. Like the requirement to automatically block users after certain period of inactivity (2 months), or X number of failed authentication attempts, with "approval from authorised personnel" required to unlock them. What could possibly go wrong..

Looks like #KubeCon EU will be a real #OpenPolicyAgent event this year! 😍 Maintainer track with @charlieegan3, Conftest talk by @NYTimes devs, #OPA for #EUCS compliance with me and Robert Ficcaglia, a contribfest session, *and* OPA and #Styra booths! Can't wait 🚀

#KubeConEU #CNCF #OpenSource

RT @BertuzLuca@twitter.com

#EUCS: The attempt to include sovereignty requirements in the cloud scheme has spurred controversy inside the EU Council. Member states are now trying to break the deadlock with a joint paper obtained by @EURACTIV@twitter.com detailing six possible scenarios.
https://www.euractiv.com/section/cybersecurity/news/eu-countries-seek-way-out-of-impasse-on-sovereignty-requirements-for-cloud-services/

🐦🔗: https://twitter.com/BertuzLuca/status/1620067181718548480