Chapter 11. 360-Degree Continuous Compliance
Who
-
Engineers
Why
Developers are naturally curious and are therefore likely to have existing experience in your chosen cloud platform. Harnessing their enthusiasm and passion is absolutely critical to driving cultural transformation within your organization. This enthusiasm, however, can create tension, as developers are likely to request broad access to a wide variety of services without significant enterprise control. This leaves us with a challenge: how do we apply our security policies in a consistent and reliable fashion?
A common anti-pattern we’ve seen regularly is to build or buy a brokerage layer—a piece of software that abstracts one or more cloud platforms into a common set of APIs. This is regularly framed as solving two problems:
-
Enabling longer-term arbitrage opportunities between cloud providers
-
Providing a common control point at which policy can be applied
The first problem is dealt with elsewhere in this report, where we argue that enabling only common services substantially reduces cost-efficiency and velocity in favor of a future potential opportunity.
This approach of wrapping the providers’ APIs also has a dangerous side effect, whereby you substantially change the developer experience (DX). Any knowledge your developers have already garnered in operating cloud technologies will be underutilized. Moreover, it unintentionally stymies growth for your engineers beyond ...
Get A Practical Guide to Cloud Migration now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.