J¨¢ h¨¢ algum tempo recomendamos um maior controle do time de desenvolvimento sobre toda sua stack, incluindo a infraestrutura. Isso significa maior responsabilidade do pr¨®prio time de desenvolvimento para configurar a infraestrutura de maneira segura, protegida e em conformidade com padr?es da organiza??o. Ao adotar estrat¨¦gias de nuvem, a maioria das organiza??es usa como padr?o uma configura??o bem controlada e centralizada para reduzir riscos, mas isso tamb¨¦m cria gargalos substanciais de produtividade. Uma abordagem alternativa ¨¦ permitir que os times gerenciem sua pr¨®pria configura??o e usem um analisador automatizado da configura??o de infraestrutura para garantir que a configura??o seja definida de maneira segura e protegida. As op??es incluem analisadores de c¨®digo aberto, como para AWS e kube-bench para Kubernetes. Para uma detec??o mais cont¨ªnua, vale a pena olhar para plataformas de nuvem como a AWS Config Rules, entre outros servi?os comerciais.
For some time now we've recommended increased delivery team ownership of their entire stack, including infrastructure. This means increased responsibility in the delivery team itself for configuring infrastructure in a safe, secure, and compliant way. When adopting cloud strategies, most organizations default to a tightly locked-down and centrally managed configuration to reduce risk, but this also creates substantial productivity bottlenecks. An alternative approach is to allow teams to manage their own configuration, and use an Infrastructure configuration scanner to ensure the configuration is set in a safe and secure way. is an interesting tool, built to provide rule-driven assurance of AWS account configurations that are owned and operated independently by delivery teams. Scout2 is another example of configuration scanning to support secure compliance.
For some time now we've recommended increased delivery team ownership of their entire stack, including infrastructure. This means increased responsibility in the delivery team itself for configuring infrastructure in a safe, secure, and compliant way. When adopting cloud strategies, most organizations default to a tightly locked-down and centrally managed configuration to reduce risk, but this also creates substantial productivity bottlenecks. An alternative approach is to allow teams to manage their own configuration, and use an Infrastructure configuration scanner to ensure the configuration is set in a safe and secure way. is an interesting tool, built to provide rule-driven assurance of AWS account configurations that are owned and operated independently by delivery teams. Scout2 is another example of configuration scanning to support secure compliance.
