+49 (911) 80 10 30

Give us a call or have us call you back!

Simply leave a message with your callback appointment

Your Name *

Your phone number *

Callback date *

Callback time *

Your request *

In order to process your request, it is necessary to process the data you provide. This means that by submitting the contact form, you consent to your data being processed (see Privacy Policy). You can object to the processing of your data at any time.

* All fields marked with an asterisk are mandatory fields.
Send a message

Your Name *

Your email *

Your phone number

Your request *

In order to process your request, it is necessary to process the data you provide. This means that by submitting the contact form, you consent to your data being processed (see Privacy Policy). You can object to the processing of your data at any time.*

* All fields marked with an asterisk are mandatory fields.
Social Media

Share page

CL460: Security Aspects in the Implementation of IaC

Training: DevOps - Cloud

Security experts with technical expertise, DevOps engineers with an interest in security, and cloud experts at the associate level receive a practical introduction to security aspects of Infrastructure as Code. The course covers the use of CI/CD tools such as CodePipelines and Terraform, security policies and compliance requirements, as well as best practices for secure pipelines. Practical examples and case studies complete the training.

Appointment selection

Appointments in German language (3)


Hybrid training	2025-12-03 \| 10:00 am	2025-12-04 \| 05:00 pm	Nürnberg
Hybrid training	2026-03-16 \| 10:00 am	2026-03-17 \| 05:00 pm	Nürnberg
Hybrid training	2026-10-26 \| 10:00 am	2026-10-27 \| 05:00 pm	Nürnberg

Possible course languages: German

Request prefered appointment period:

Your Name *

Your email *

Your phone number

Preferred period from *

Preferred period to *

Number of participants *

Your message

* All fields marked with an asterisk are mandatory fields.

Hybrid training

Start: 2025-12-03 | 10:00 am

End: 2025-12-04 | 05:00 pm

Location: Nürnberg

Price: 1.690,00 € plus VAT.

Hybrid training

Start: 2026-03-16 | 10:00 am

End: 2026-03-17 | 05:00 pm

Location: Nürnberg

Price: 1.690,00 € plus VAT.

Hybrid training

Start: 2026-10-26 | 10:00 am

End: 2026-10-27 | 05:00 pm

Location: Nürnberg

Price: 1.690,00 € plus VAT.

Request prefered appointment period:

Your Name *

Your email *

Your phone number

Preferred period from *

Preferred period to *

Number of participants *

Your message

* All fields marked with an asterisk are mandatory fields.

Agenda:

Fundamentals
- What is IaC?
- Advantages and disadvantages
- Design principles
- Terraform processes, providers, and modules
- Configuration management
- Storage and versioning of IaC
- Examples, showcases, and exercises

Design
- Processes and policies
- Storage of sensitive information
- Key rotation
- Identity management
- Examples, showcases, and exercises

Automation
- Support of Generative AI
- Application vs. infrastructure configuration
- Execution environment
- Documentation
- Stateful vs. stateless environments
- Secrets handling
- Examples, showcases, and exercises

Best Practices
- Examples and showcases
- OWASP Top 10
- Helpful tools and further information

Objectives:

The objective in the fundamentals is to gain a basic understanding of Terraform and to deploy a VM
Identify and evaluate security-critical components
Outline and discuss processes for secure code
Discuss problems and challenges based on best practices and provide guidance for self-help

Target audience:

This course CL460 Security Aspects in the Implementation of IaC is intended for:

Security experts with technical understanding
DevOps Engineers with a security interest/background
Cloud experts at Associate Level

Prerequisites:

To follow the content and learning pace of the course CL460 Security Aspects in the Implementation of IaC, the following prerequisites are necessary:

Advanced knowledge of CI/CD (tools), Git, CLI, yaml
Good Cloud knowledge in AWS™ or Azure, IDEs (e.g. vsCode)
General basic security knowledge (certificates, keys, secrets management)

Alternatively, we recommend attending the training: CL450 DevOps CI/CD Pipeline beforehand

Description:

In the course CL460 Security Aspects in the Implementation of IaC (Infrastructure as Code), participants carry out hands-on exercises on a selected Cloud platform using CI/CD tools such as CodePipelines and Terraform as the IaC tool. These exercises provide deep insights into securing infrastructure through automation and compliance adherence.
In addition to the theoretical content, the course CL460 Security Aspects in the Implementation of IaC presents extensive practical examples and showcases from real projects, offering participants practical insights and actionable strategies. These examples cover a wide range of security challenges and best practices as they occur in the daily work of a DevOps or Security Engineer.

Special focus areas include:

Security policies and compliance: How to ensure that infrastructure definitions comply with corporate as well as legal requirements.
Troubleshooting and security incidents: Analysis and handling of security incidents caused by faulty IaC implementations, based on concrete case studies.
Best practices for secure CI/CD pipelines: Implementation of secure pipelines that ensure the integrity and security of the deployed infrastructure.