"Serverless is for Pragmatists: CI/CD in the Age of IaC" by: Anna Spysz and Chase Douglas
Over the past 5 years, a common application development theme has emerged as the combination of both code and infrastructure to comprise applications. In particular, it's almost impossible to manage a serverless application without Infrastructure-as-Code, because any stateful application of reasonable scope will require a combination of compute resources alongside queues, pub-sub topics, databases, storage, and more.
As these application architectures mature, best practices are also developing. While we may understand CI/CD processes for application code, similar mechanisms for Infrastructure-as-Code may be less familiar. This talk will present best practices that we’ve developed by working with our customers, including:
- Managing and isolating environments across cloud accounts for parameters, secrets, and resources
- Automated deployments of preview environments for PRs
- Auditing infrastructure templates to ensure least-privileged permissions
- Managing permissions and access controls for individual developers to be productive
- Providing controls to meet regulatory compliance like SOC-2 for modern, serverless application delivery
Our goal is to share these learnings with a broader set of people, and to reach those beyond our previous audiences within the serverless application development community. This talk will be focused on specific techniques and is meant to apply to a broad range of serverless and other IaC projects.
Recorded at the 2020 Python Web Conference (https://2020.pythonwebconf.com)