Cloud Custodian is a rules engine for managing public cloud accounts and resources. It allows users to define policies to enable a well managed cloud infrastructure, that's both secure and cost optimized. It consolidates many of the adhoc scripts organizations have into a lightweight and flexible tool, with unified metrics and reporting. It also is flexible enough to be run on Lambda or server or serverless. It allows you to create a endless number of policies and simple queries. The bonus is that its a easy to write and read YAML dsl. When i started to look for information on it, it felt like daunting exercise. I am a non developer, so for me yaml , json seemed like totally out of comfort area. But we all need to start somewhere. So, off i went to google search. It landed me on the custodian home page and some youtube videos. I watched those videos couple of times and noted the points being made. They were all from the main developer who worked on it in Capitalone.
Videos to watch to get started:
https://www.youtube.com/watch?v=oY8Nmh6B7P8
https://www.youtube.com/watch?v=ElvHiZU8hRc
Main website link: https://cloudcustodian.io/
After going though some videos and the actual documents. I went ahead to look for articles on medium. Its a good place to get started and connect with people. Then i added people who wrote those articles on Linkedin. Added myself to github and started watching the project. I did some more research in it. I found link to Manheim who published their repository as they used it.
Realtime use case like below helped co-relate to it in depth.
Description of Manheim project
And with all details, it was time to start practicing few basics. I spun up a VM on my Azure free tier and installed Python and custodian and then the Azure cli. I was now all set to author my first policy and yes, i did succeed as the documentation is quite descriptive. I will use managed identity authentication for Azure VM. Also, authoring some policies is complicated. I am using visual studio as the editor to write these policies. It is going to interesting on how i progress. I had to brush up on Azure and trying to write Yaml. I am feeling fairly confident since i started, it firms my belief that if you are willing to learn you can master anything.
No comments:
Post a Comment