As the executive sponsor of our InfoSec team, I was sitting in on a webcast about the depth and breadth of cloud security. The presentation included a tremendous amount of information and best practices about tightening the security around a hosted offering. There was information about policies and employee habits to go along with all the settings and configurations. All great stuff for a provider of software to businesses, but it was when he said, "compile the infrastructure" that I snapped to attention. I had heard the phrase "infrastructure as code" and dismissed it like I dismiss the use of "cloud" to describe a million different things.
So when this stranger speaking through the giant display in our conference room said, "compile the infrastructure" I realized that infrastructure as code is just as real as the cloud and just as misunderstood. Everything I had previously planned for that day was ruined. Maybe I'm just thick, but I finally got it. These modern infrastructure as a service providers (AWS, Azure, Google) have set us up for great success. We just have to start checking our infrastructure into our source code repository.
Ok, there might be a few steps in between, but essentially that is it. We had to stop thinking about our hosting environment as servers. Maybe I'm too old to adapt quickly, but once I did that, it all made perfect sense. Just like every other aspect of our product, the product manager and business analysts write user stories and acceptance criteria. The development lead and system architects work together to determine the best tool for the job. Then when the development team implements, they create or modify configuration files that deploy our hosting services and check those changes into source control. Now when QA deploys the latest build, the infrastructure stack is created using the configuration files, and the code is deployed to those hosting services. So we're always testing against the most current configuration. And when we create the release candidate, the infrastructure is in the release.
Infrastructure as code--the concept is so elegant in its simplicity I'm embarrassed how long it took me to get on board.