Enforce a cloud resource compliance policy
WHAT IT TESTS: policy-as-code guardrails. OUTLINE: prevent at creation with org policies or admission checks, detect violations via continuous config scanning, and auto-remediate by stripping the public IP or alerting owners. RED FLAG: manual periodic audits only.
WHAT IT TESTS: whether you enforce governance proactively, not just reactively. ANSWER OUTLINE: use preventive guardrails such as organization policy constraints, Service Control Policies, or admission webhooks to block creating public-IP VMs that lack the tag; layer detective controls like AWS Config rules or asset scanning that continuously evaluate resources and flag violations; add automated remediation that strips the public IP or quarantines the resource and notifies owners. RED FLAG: relying on manual quarterly audits.
- #governance
- #policy-as-code
- #compliance
- #security
- #automation