Building on the work we announced last fall to help you provision GCP resources with Chef cookbooks, and in honor of ChefConf 2018, Chef and Google Cloud Platform (GCP) have been working together in several exciting ways:
- Extending coverage of InSpec for popular GCP resources
- Adding Habitat support for Google Container Registry
- Offering additional Chef cookbooks for provisioning and configuring Google Cloud Identity and Access Management, Cloud Spanner, Cloud Pubsub, CloudSQL, and Cloud Resource Manager
Let’s take a deeper look at each of these new developments.
InSpec integration with GCP
In an increasingly complex regulatory environment, many DevOps teams and information security officers struggle to answer important questions:
- Is our infrastructure deployed and configured as it should be?
- Can we prove that our deployments are compliant with a growing list of guidelines (CIS, PCI, SOX, HIPAA etc.)?
InSpec by Chef helps you express security and compliance requirements as code and incorporate it directly into the delivery process, eliminating ambiguity and manual processes to help you ship faster while remaining secure.
GCP continues to introduce new ways to protect and control your GCP services and data. This has made it a popular platform for high-profile customers like major motion picture studios, which use GCP for security sensitive workloads such as rendering pipelines for digital assets.
Now InSpec users can continuously test their Google Cloud deployments (regardless of what tool they have used to provision and configure them) for issues like whether a firewall should allow HTTP traffic or whether a storage bucket should be open to the world.
Further, Chef and Google are developing a recommended baseline InSpec profile for securing GCP resources, and will incorporate access to InSpec into Google Cloud Security Command Center for ease of use straight from the Google Cloud Console.
Google Container Registry support in Habitat
Habitat by Chef delivers application automation that helps modern application teams build, deploy, and manage any application in any environment—from traditional data-centers to containerized microservices. In December 2017 Chef announced support for running Habitat applications on Google Kubernetes Engine, to publish your containers via Docker Hub. Learn more about this at the session “How the Habitat-operator Brings Habitat Awesomeness to Kubernetes” on May 23rd at 4:00 p.m. at ChefConf.
Later this summer, Habitat users will be able to build their applications and directly publish these artifacts into Google Container Registry. This integration of Habitat with Container Registry and Kubernetes Engine will enable customers to refactor and re-architect their apps into modern containerized architectures as part of their migration efforts onto GCP.
Provision more GCP resources with Chef
In 2017, we released Chef cookbooks to provision and configure the following GCP services:
- Google Container Engine: install / docs | source
- Google Compute Engine: install / docs | source
- Google Cloud SQL: install / docs | source
- Google Cloud DNS: install / docs | source
- Google Cloud Storage: install / docs | source
Recently, we’ve also added coverage for the following services:
- Google Authentication: install / docs | source
- Google Stackdriver Logging: install / docs | source
You can download these individually via Chef Supermarket, or get them all together here.
See you at the show
If you’ll be at ChefConf, we’d also love to see you at the Google booth during the event. You can attend the “Let’s use Google Cloud Platform (GCP) and Chef” session at 2:00 p.m. on May 24th to learn about using Chef together with GCP’s suite of services.