Use Declarative & Version-Controlled Infrastructure Management

This standard mandates the use of declarative and version-controlled infrastructure management to ensure infrastructure definitions are managed like application code.

1. Use Declarative & Version-Controlled Infrastructure Management:

Ensure infrastructure definitions are managed like application code. This approach ensures consistency, auditability, and collaboration in infrastructure management.

• 1.1 Declarative Infrastructure Provisioning:
  • 1.1.1 Tool Utilisation:
    • Use Terraform, AWS CloudFormation, Pulumi, or Ansible for declarative infrastructure provisioning.
    • Automate the configuration of infrastructure provisioning tools.
  • 1.1.2 Tool Implementation:
    • Automate the execution of infrastructure provisioning tasks.
    • Implement provisioning result tracking.
• 1.2 Git Repository Storage:
  • 1.2.1 Version Control:
    • Store all IaC configurations in Git repositories with proper version control.
    • Automate the version control of IaC configurations.
  • 1.2.2 Configuration Management:
    • Automate the management of IaC configuration updates.
    • Implement configuration change tracking.
• 1.3 Pull Requests and Code Reviews:
  • 1.3.1 Change Requirements:
    • Ensure pull requests and code reviews are required before making infrastructure changes.
    • Automate the enforcement of pull request requirements.
  • 1.3.2 Review Implementation:
    • Automate the code review process for infrastructure changes.
    • Implement review feedback collection.

By using declarative and version-controlled infrastructure management, organisations can ensure consistent and auditable infrastructure changes.

---