A company is transitioning to automated management of its cloud environments. The technology involves defining configuration files that are both human-readable and machine-executable to automatically manage the provisioning and updating of resources. What is this method called and what is a key security practice that must be incorporated to ensure infrastructure integrity?
Manual configuration via graphical user interfaces with version tracking
Procedural scripting with centralized change management
Automated scripting with direct deployment access
Infrastructure as Code with rigorous source control management
The practice described is known as Infrastructure as Code, where infrastructure management tasks are automated through human-readable definition files. A crucial security practice to incorporate in this method is the use of source control management to maintain the integrity and versioning of the infrastructure code. This includes implementing commit policies, review processes, and potentially automated security testing to prevent unauthorized or malicious alterations that could lead to security breaches.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Infrastructure as Code (IaC)?
Open an interactive chat with Bash
Why is source control management important in IaC?