►
From YouTube: Cloud Native Live: IaC Migration using AI
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Welcome
to
Cloud
native
live
where
we
dive
into
the
code
behind
Cloud
native
I'm
your
host.
Today,
my
name
is
Whitney
Lee
and
I'm,
a
cncf
Ambassador
and
a
developer
Advocate
at
VMware
tanzu
every
week
on
C
and
Cloud
native
live.
We
bring
a
new
set
of
presenters
to
Showcase
how
to
work
with
Cloud
native
Technologies.
We
will
build
things,
we
will
break
things
and
we
will
answer
your
questions.
This
week
we
have
Sefi
Janus
here
with
us
to
deliver
a
presentation
called
IAC
migration
using
AI
from
cloud
formation
to
terraform
in
seconds
now.
A
This
is
an
official
live
stream
of
the
cncf
and,
as
such,
it
is
subject
to
the
cncf
code
of
conduct.
What
does
that
mean?
It
basically
means
just
be
the
nice,
the
kind
humans
that
you
are
so
please
don't
add
anything
to
chat.
That
would
be
in
violation
of
the
code
of
conduct.
If
anything
that
would
be
disrespectful
at
all
to
your
fellow
participants
or
for
to
the
presenters,
be
nice
to
me
too,
please
and
Sefi.
So
anyway,
friends
who
are
joining
us
live.
A
If
you
have
questions,
please,
please,
please
post
them
to
chat
what
we're
going
to
do
is
after
the
presentation's
over
that's
when
we're
going
to
answer
all
of
your
questions,
we're
going
to
have
a
discussion
time
at
the
end,
and
so
with
that
I'll
hand
it
over
to
stefi
Janice
to
kick
off
today's
presentation.
Sethi
tell
us
about
yourself,
yeah.
B
So
first,
thank
you
very
much
for
having
me
and
I'm
stefi
yanis
and
I'm,
the
CTO
and
co-founder
of
firefly
and
today
I'm,
going
to
talk
about
leverage
leveraging
AI
for
migrating
your
infrastructures
code
from
one
ic2
to
another,
and
before
that
I'd
like
to
explain
about
my
company
Firefly,
is
a
cloud
Asset
Management
solution
that
scans
the
entire
Cloud
footprint
I
mean
all
diaper
skaters
kubernetes
clusters,
SAS
application,
Etc.
In
fact,
I
will
also
analyze
the
infrastructure's
code
from
terraform
to
helm,
charts
and
we
detect
the
discrepancy
between
the
cloud
and
the
ISC.
B
We
built
the
technology
that
can
generate
telephone
code
with
models
for
something
that
was
created
manually
before
in
the
cloud
we
detected
drifts
and
unexpected
changes
continuously,
and
we
also
adapted
layers
of
policies
using
open
policy
agent
or
to
talk
about
it
in
this
session
as
well,
and
we
can
govern
the
cloud
for
final
seconds
and
reliability
and
again.
Thank
you
very
much
for
having
me.
B
Okay,
it's
okay!
So
in
this
stock,
I'll
discuss
an
AAC,
hey
season,
open
source
store
that
we
recently
launched
that
LFA
government
healthy
migrate
infrastructures
code
or
else
generate
infrastructures
code
using
AI.
So
we
adapted
the
open
Ai
and
we
utilize
open
AI.
In
order
to
generate
a
telephone
code.
Cloud
formation,
Etc
and
I
will
show
you
what
you
can
do
using
a
here
under
all
the
documentation
and
by
the
way
we
have
a
2.7
K
Stars.
You
have
more
than
welcome
to
start
this
new
repository,
but
yeah.
B
We
have
some
examples
for
utilizing
this
great
tool.
The
first
one
is
to
generate
new
infrastructures
called.
If
now
you
want
to
create
a
new
Lambda
function
with
the
models
variables,
standard,
VPC
Etc,
you
can
use
this
open
source
tool
and
it
would
generate
the
telephone
code
for
you
or
cloud
formation,
and
you
can
also
generate
Docker
Docker
file
or
kubernetes
manifest
in
this
session.
I
will
also
show
you
our
generated
cicd
pipeline
using
AAC,
and
this
is
really
powerful,
because
you
know
how
difficult
is
to
write
a
yml
files
else.
B
This
tool
can
also
help
a
generating
policies,
called
Opa
and
even
query
builder,
for
instance,
if
you
have
mongodb
or
elasticsearch,
and
you
need
to
build
the
sophisticated
query
using
this
tool,
you
can
do
that
and
I
showed
you
the
tool.
I
explained
very
briefly,
but
let's
say
dive
into
the
code
and
in
this
specific
session,
I
will
show
you
how
I
can
migrate
one
AC
to
another.
B
For
example,
ibiz
the
cloud
formation
stack
I
will
show
you
the
cloud
formation
stack
that
builds
an
application
in
the
in
a
dedicated
VPC
in
some
configuration
or
elaborating
that
I
will
launch
this
confirmation
stack
and
then
I
will
show
you
how
we
can
utilize
this
tool
to
migrate
the
clouds
formation
to
terraform,
but
that's
just
an
example.
Using
this
great
tool,
you
can
migrate.
Every
infrastructures
go
to
to
whatever
you
want.
B
B
Okay,
so
I'm
launching
right
now,
a
cloudformation
stack
that
will
create
25
resources
and
it
will
build
a
new
application.
It
takes
around
two
or
three
minutes
but
I'd
like
to
dive
into
the
cloud
formation,
just
to
explain
what
it
is
and,
of
course
that's
just
an
example.
You
can
use
a
a
any
micro
service
that
you
have
the
back
end,
the
front
end
or
other
infrastructure
in
the
cloud.
As
you
can
see
here,
this
specific
calculation
stack
I
deployed
a
dedicated
VPC,
because
I
built
my
application
and
isolated
it
into
a
virtual
private
Cloud.
B
B
A
B
Okay,
so,
as
I
mentioned,
we
built
here
a
VPC,
a
two
sub
and
four
subnets
to
public
into
private
internet
gateway,
because
we
need
to
transfer
the
data
outside
of
our
VPC.
We
also
configured
about
50
a
round
table
public
and
private
public
will
transfer
the
data
through
the
internet
gateway.
You
can
see
that
we
built
a
ec2
machine
and
the
user
data
will
launch
the
application,
also
a
load
balancer,
because
we
want
to
build
then
a.
A
B
Availability
solution,
security
groups
for
the
low
for
the
load
balance
and
the
ec2
network,
ACL
anything
that
you
got
the
idea
here.
Let's
see
if
the
resources
in
the
cloud
formation
were
created,
maybe
it
will
take
one
more
moment,
but
let's
okay
so-
and
it
takes
one
more
moment
and
I
will
show
you
an
example
for
a
thing
in
that
time.
B
Now
around
22nd
you
will
get
the
telephone
code,
but
aec
is
a
great
tool
because
it's
like
a
check,
you
can
continuously
talk
with
the
AIC
and
if
now
I
would
like
to
add
security
layers
and
this
codified
results.
We
can
do
that.
We
can
also
generate
the
code
and
save
a
readme
MD
file
and
that's
a
super
powerful.
You
can
see
here
and
I
will
show
you
the
results,
and
although
it's
not
small
enough,
you
can
see
that
it,
it
created
a
it,
creates
a
VPC.
The
security
group
and
the
Lambda
function
here.
B
So
what
what
I've
done
is
I
went
to
the
cloud
formation
template
and
it
copied
the
VPC
and
the
subnet
just
for
the
VPC
in
the
subject,
just
for
explanation
and
demonstration,
and
it
created
an
input
file
called
networking.txt,
because
I
would
like
to
utilize
AIC
that
I
need
to
read
the
data.
If
I'm
migrating
cloud
formation
to
terraform
I
need
to
read
the
cloud
formation
and
to
run
a
front
and
I'm
going
to
show
you
right
now
that
I
would
run
the
following
commands
and
I
will
show
you
this
here.
B
Can't
resize.
B
Okay,
so
what
I'm
going
to
run
right
now
and
I'll
try
to
do
my
best
is
to
read
the
networking.txt
file.
That
I
showed
you
that
that's
part
of
the
confirmation
stack
and
it
passed
the
data
here
into
a
volleyball
called
the
input
and
then
I'm
running
the
command
there.
You
see
yeah
terraform
code
with
variables
for
falling
cloud
formation.
B
That's
that
is
a
cloud
formation
stack
and
I'm,
using
the
output
variable
to
save
the
telephone
code
into
the
directory
output
and
file
called
Network
NTS.
Also
added
the
quiet
slab.
So
here
I
will
run
this.
B
Okay
and
let's
run
the
AIC
getter
from
code,
takes
the
15-20
minutes
and
you
will
see
that
it
generates.
It
generates
the
telephone
code
for
the
VPC
and
the
four
standard
that
they
pick
and,
of
course,
I
can
do
it
for
everything
that
you
just
wanted
to
show
you
how
it
looks
like
and
let's
save
it.
Okay,
now
it's
saved
here
in
there
a
folder
called
outputs
in
the
networking,
a
file.
B
B
B
B
B
B
Zero
to
change
Zero
to
destroy,
but
the
resources
already
exist,
so
we
need
to
import
them
into
our
telephone
State.
Otherwise
they
won't
be
able
to
recreate-
and
this
is
a
bit
more
sophisticated
and
just
I
would
like
to
mention
in
telephone
1.5.
They
added
a
new
capability
that
you
can
use
and
import
block
looks
like
that,
and
you
just
need
to
mention
the
specific
results
from
the
cloud
and
Cloud
account.
But
I
will
go
to
their
AWS,
sorry
to
the
telephone
documentation,
I'm
going
to
database.
B
B
Okay
import
successfully
and
if
now
I
will
run
the
telephone
plan,
we'll
see
only
four
reasons
that
are
going
to
be
created.
But
what
happens
if
right
now
I
have
a
100
or
1000
resources?
It's
it's
the
tough
and
that's
why
in
Firefly
we
automate
this
solution
and
as
I
mentioned
before,
Firefly
is
a
cloud
Asset
Management
solution
that
can
scan
the
cloud
and
analyze
the
ioc,
and
we
can
generate
the
telephone
code
and
import
the
resource
for
you.
So
you
can
sign
up
for
free.
B
B
Okay,
we
have
here
and
I
am
policy.
I
can
qualify
if
you
can
see
that
firefighter
generates
the
telephone
code
for
you,
we
also
detect
dependencies.
Sometimes
you
have
Resources
with
the
dependencies
and
Lambda
function
under
VPC
and
subnet
Etc.
We
detect
all
of
them.
We
can
create
models
for
everything
if
you
want-
and
you
see
that
everything
is
for
immutable
instead
of
put
value
here,
we
can
deploy
it
in
a
staging
product
Etc.
But
what
I
wanted
to
show
you
is
that
you
can
click
on
the
import
command
button.
B
B
B
B
If
you
use
the
terraform
okay,
it
depends,
it
really
depends.
I
can
tell
you
that
the
AIC
utilize
an
non-deter
deterministic
approach,
so
you
you
can
generate
everything
that
you
want.
If
right
now,
you
would
like
to
migrate
the
Lambda
function,
but
you
want
to
add
more
configuration
policies,
raw
Etc,
so
without
AIC
you
need
to
write
those
resources
manually
or
what
happens
if
you
want
to
qualify
models,
so
I
I
suggest
to
use
non-deterministic
Solutions
or,
as
I
mentioned
before
in
Firefly,
we
do
a
great
job
for
lpo
qualifying
Resources
with
existing
models.
B
Okay,
super
should
we
let's
continue
and
then
let's
talk
for
more
questions.
Thank
you.
So
I
just
showed
you
right
now
an
example
for
a
migrating.
Some
of
my
resources
into
terraform,
but
I
I
have
done
this
before
and
built
an
old
solution
using
the
same
technique,
and
you
can
see
that
right
now,
I
have
there
are
some
code
without
the
result
says
the
provider
output
Etc.
So
let's
run
the
terraform
apply
command.
One
second.
B
I
took
the
telephone
code
and
I
decided
to
deploy
it
in
a
isolated
account,
so
I
I
deployed
the
cloud
formation
account
a
then
I
migrated
to
terraform
and
deployed
the
terraforming
account
to
B,
and
you
can
see
that
it
totally
works.
I
have
here
a
DNS
and
let's
run
it
and
it
will
be
the
same
architecture,
the
same
thing
as
you
see
in
a
accounting,
but
right
now
this
one
is
deployed
using
terraform
and
one.
B
Good
I'd
like
to
show
you
one
more
thing
that
we,
you
can
do
using
a
thing
and
I'm
going
back
to
the
git
Repository
you'll.
Remember
that
before
I
told
you
about
generating
safety
Pipelines,
you
understand
that
running.
The
telephone
code
from
your
local
machine
is
not
a
good
practice
and
the
best
practice
is
to
use
the
LCD
to
store
the
state
files
in
a
remote,
back-end
Etc,
and
that's
exactly
what
I'm
going
to
demonstrate
right
now,
I
built
here,
A,
readme
and
D,
using
guys.
B
B
Well,
yeah
good,
so
you
can
see
here
that
the
AAC
generated
the
pipeline
and
right
now,
I
know
that
it's
a
bit
small,
but
you
would
see
the
terraforming
importer
from
plantar
from
the
fly,
but
we
don't
have
any
Security
check
and
that's
why
I
will
ask
the
AAC
to
continue
the
chat
and
the
new
message
is
LIC
security,
scan
stack
and
then
I
will
save
it
in
into
a
dedicated
yml
file.
I
will
use
this
file
and
I
will
show
you
in
a
real
Gateway
personally,
the
result.
B
B
B
Yes
sure
so
you
can
see
that
we
set
up
the
cicd
pipeline.
Everything
is
you
saw
five
seconds
using
a
AI
I
got
the
yml
file,
I
put
it
in
my
git
repository
and
from
now,
and
on
I
have
a
full
full
cicd
python
running
and
the
telephone
minute
box.
The
telephone
plan
also
works
and
that's
the
security
Checker
and
let's
walk
through
the
results,
because
it
failed
ensure
VPC.
B
This
is
focused
on
security
and
now
I'm,
going
to
introduce
you
to
a
different,
open
source
tool
that
we
have
launched
in
Firefly
a
year
ago
called
valid
IEC,
because
you
saw
that
you
can
utilize
security
Checkers
to
streamline
to
leverage
your
cicd
pipeline,
but
valid
IC
is
the
open
source
tool.
That
is
one
place
to
run
all
of
the
analyzers,
the
TF
SEC
infra,
costing
from
app
to
get
flint
Etc
and
using
that
it
will
happen
not
just
with
security,
also
with
cost
or
with
the
a
linter
or
with
map.
B
And
here
we
have
an
example
for
some
results:
resources
VPC
with
some
Etc.
We
will
run
the
security
behind
where
we
run
the
TF
sec
by
the
way
today
is
craving
and
aqua.
They
do
great
job
there
and
you
will
see
that
we
have
two
potential
problems
and
one
resource
test,
but
if
you're
going
to
the
cost,
you
can
see
that
we
have
five
505
dollars
over
total
and
that
will
total
price
of
those
resources.
Probably
because
of
the
scene
stance.
Okay,
M6
said
we
can
also
generate
the
map
or
the
lintel.
B
Recommend
I
know
some
code
scanners.
A
TF
set
or
trivia
that
was
created
by
Aqua
is
a
good
one,
but
a
checo.
It
was
created
by
Bridge
crew.
It's
also
a
great
Solutions
Palo
Alto
Palo
Alto
Network
acquired
this
specifically,
they
are
more
more
the
same
and
kicks
kicks
that
was
acquired
by
that
was
built
by
a
check.
Marks
is
also
a
great
open
source
tool.
Each
of
them
is
pros
and
cons,
for
example,
kicks
I'm,
not
an
advocate
of
none
of
them,
but
all
of
them
are
great.
Clicks
is
based
on
Opa.
B
A
B
Yes
sure
thank
you
for
asking
that
it's
a
really
important
question.
The
first
thing
is
regarding
secrets
and
droppings
API
Etc.
You
should
never
pass
your
data,
your
sensitive
information
to
charge
your
video
or
other
AI
systems
and
it's
dangerous
and
the
one
of
the
way
to
avoid
this
is
to
use
gitlix.
Gitlix
is
a
great
open
source
tool
that
can
detect
the
secrets,
and
you
should
understand
what
you
pass
into
AI
systems.
B
A
B
Think
that
the
secret
is
secrets
and
apis-
that's
definitely
the
top
priority,
but
also
customer
data,
because
you
should
never
pass
a
customer
data
or
pii
or
something
that
even
if
it's
not
a
password,
you
should
be
aware
of
that
and
a
GPT
and
other
Solutions
are
not
deterministic.
So
the
result
is
not
always
correct
and
in
gpts
I
think
called
temperature
that
you
can
configure
it's
a
measure
from
zero
to
one,
and
that
depends
on
the
creativity
of
the
AI.
A
I've
ever
have
other
questions
as
you've
been
going.
I've
been
typing
out
my
questions.
If
you
see
me
typing,
that's
why
another
question
so
what
I
saw
in
your
excellent
demo
was?
Was
you
had
templates
already
in
cloud
formation
and
then
you
migrated
those?
What
if
you
you
have
resources
running,
but
you
don't
have
templates
for
them.
Can
you
generate
templates?
A
B
B
A
B
B
Some
of
you
I
hope
most
of
you
use
infrastructures
code,
but
you
can
see
that
some
resources
might
be
created
manually
in
the
cloud
because
of
resources,
Etc,
that's
click,
UPS,
run
managed,
labor
and
the
migrating
and
manage
resources
into
telephone
demands
to
understand
the
cloud
footprint
and
by
the
way.
Today
we
are
the
only
solution
that
is
scan
and
entitled
footprint
and
can
generate
telephone
code
for
that,
and
you
can
sign
up
for
free
and
use
that,
and
so,
for
instance,
this
one
is
an
S3
bucket
ACL.
B
A
B
Yeah
so
I'd
answer
this
from
two
different
perspectives
and
if
you
have
some
kubernetes
results
and
you
haven't
okay-
and
the
answer
is
yes,
you
can
generate
generative
way.
I
can
do
everything
for
you.
So
if
you
have,
if
you
have
anything
a
yellow
file
or
yaml
manifest,
and
you
want
to
migrate
to
helm,
charts
or
twice,
it
will
ensure
you.
It's
the
same.
B
A
A
B
B
So
now
I'm
utilizing
a
AAC
and
and
I
will
generate
the
help
of
deployment
for
English
rule
it
takes
few
seconds
and
then
we
will
see
that
we
can
utilize
a
AC
to
migrate
to
one
IC
to
another,
but
in
the
real
world,
if
the
results
exist
in
the
cloud
or
in
the
kubernetes,
you
can
use
Firefly
to
generate
it
and
I
will
save
it
into
a
dedicated
file.
For
you.
B
Here
so
regarding
the
kubernetes
question
right
now,
I
see
generated
kubernetes
in
health
charts
with
Ingress
rule.
A
B
Yeah
definitely
and
I'd
like
to
elaborate
on
cross-plane.
That's
a
really
unique
and
great
talking
so
still
immature
that
they
sit
at
the
community
and
adapt
and
builds
a
great
thing.
Some
of
them
question
is
a
kubernetes
based
infrastructure
scotul.
They
tell
you
to
generate
one
unified
resource,
a
cloud
agnostic
ISC,
for
instance,
if
now
I
have
S3
bucket
Azure,
blob,
storage
and
GCS
through
the
three
different
resources
in
telephone.
We
need
to
generate
three
different
resources
using
a
cross
plane.
A
It
is
really
cool
and-
and
you
can
offer
your
developers
a
way
to
self-service
provision
stuff
in
a
much
simpler
interface,
where
you
have
a
lot
of
the
default
set
to
whatever
you
want
as
an
operator,
and
then
they
can.
You
expose
only
the
knobs
of
what
they
need
I'm
across
a
cross-plane
fan.
A
That's
super
cool
yeah,
so
so
I
think
that
kind
of
lends
itself
to
maybe
talking
about
in
general,
maybe
just
listing
off
a
lot
of
different
technologies
that
this
is
compatible
with.
A
So
we're
talking
about
just
peripherally
we're
mentioning
a
lot
of
different
Technologies
like
all
the
different
Cloud
providers
or
terraform
cross-plane
policy
agents.
What
other
Technologies
can
you
use
aiac
with,
or
would
you
want
to
use
this
I
understand?
Okay,.
B
Thank
you
Francis.
Thank
you
for
that.
So
it's
not
just
for
infrastructure.
As
code
as
I
mentioned,
we
discussed
them
about.
We
discussed
on
a
telephone
problem
of
those
Solutions,
but
you
can
generate
a
query
for
the
database.
Doesn't
matter
it
doesn't
matter
if
it's
elasticsearch
or
mongodb
I,
basically
don't
write
a
regex
anymore
using
AC
and
just
use
this
for
genetic
genetic.
For
me,
that's.
B
A
Yeah,
no
more
Rejects
awesome,
so
you
showed
you
showed
the
cloud
formation
resources
and
then
you
showed
aiac
generating
terraformal
code
for
just
a
subset
of
those
resources,
and
you
said
that
would
take
20
minutes
or
something
to
generate.
That
is
that
correct
did
I,
follow
that
correctly.
A
A
A
B
A
A
B
A
B
A
B
That
everyone
should
use
a
GitHub
pilot
and
to
use
a
AIC
institutions
like
that
and
to
streamline
your
day-to-day
work,
never
save
Secrets,
none
enough
for
a
needle
for
your
LGBT,
no
for
your
code
and
you
can
take
a
look
at
fact.
I
believe
that
we
can
solve
a
lot
of
challenges
regarding
the
thanks.
Don't
forget
the
AC
dot
Dev,
that's
our
open
source
store!
Oh.
A
Let
me
I'll
highlight
here's
the
open
source
tool
check
it
out.
Aiac.Dev
all
right,
I'm,
gonna,
say
goodbye.
I
have
thanks
everyone
for
joining
today's
episode
of
cloud
native
live.
It
was
great
to
have
Sefi
Janus.
Thank
you,
sephi
for
sharing
your
time
and
your
expertise
with
us
today.
So
if
you
talked
about
using
AI
to
migrate
infrastructures
code
with
the
open
source
project,
aiac
I've
Loved,
also
the
interaction
and
questions
from
chat.
Thank
you
all
for
participating,
and
here
at
cloudnative
live.