50+ interviews and 150+ survey responses later, Stephane Jourdan has a pretty good idea of infrastructure drift causes, fixes, and their trade-offs.
Even as an experienced Terraform user, when your infrastructure team and codebase grows, it often becomes harder to track infrastructure drift—which includes configuration drift. Are you sure you know how well your Terraform codebase matches your actual tfstate?
Drift can be driven by human input, poor configuration, applications making unwanted changes, etc. It has consequences on toil and efficiency, forces teams to put in place strict controls that decrease flexibility, and can have a security impact.
There are a lot of juicy stories from the trenches on infrastructure drift. While we all probably do GitOps by the book, or have very strict processes in place, we have to interact with other teams. We also have to grant some level of access to our infrastructures to some services or tools that may eventually generate uncontrolled changes.
50+ teams were interviewed for this talk to collect stories and feedback about drift. Also, 150 teams of all sizes participated in a survey about drift from all maturity levels across Europe and the USA. In this talk, you will see their definition of drift and how it directly relates to their setups. See what the main causes of drift are within those teams, the direct impact, time spent to fix it, and learn about the panel of solutions they use to prevent it with, along with the advantages and limitations of those solutions.
Speaker: Stephane Jourdan
Slides available here
Zero Trust Security Roadshow
HashiCorp Deep Dive Demos from Ignite and KubeCon Europe
How Remote Work is Driving the Need for Multi-Cloud DevSecOps: How to Build a Pipeline
How Terraform and Behavior-Driven Development Help Shift Security Left