Breaking through with managed DevSecOps on AWS


Any time you can bridge a divide or break down a barrier, you create value. Digital transformation is helping a lot of companies do exactly that in the way they innovate, compete and communicate.

But there’s also a lot of value to be gained from the way we build new digital-driven systems and solutions. Until recently, different components of the technology value chain evolved at different speeds, which resulted in naturally-occurring divisions in the way solutions were built and administered, with separate groups for development, operations and security.  Getting anything done required us to scale one wall after another.

Cloud computing began to break down those barriers, making it possible to share many of the responsibilities across the traditional boundaries between developers and the operators. This has resulted in massive benefits for everyone involved and is referred to as DevOps.

The advent of cloud computing also changed the way many companies deploy and run environments. Instead of taking on the expense of building an in-house team, companies can take advantage of public cloud managed services to run and maintain their environments, including responsibility for security. Beside infrastructure, companies like DXC can also deliver developers, architects, and advisors to help customers bring a new product or service to life.

Here again, we have a natural barrier to break through between the in-house DevOps team and the managed services team. This division can prevent a business from developing true end-to-end solutions with a feedback cycle from operations to development. To break through that barrier, we need to bring managed services to DevOps. But how do you get there?

Adding an infrastructure as code (e.g. AWS CloudFormation) validation pipeline to an existing cloud managed service capability results in the creation of an integrated CI/CD pipeline between client and provider. Then, adding the ability for advisors, architects, operators, and security experts to use the pipeline to collaborate with the client on demand, creates a collaborative capability called managed DevSecOps.

A number of unique features make this a real value-added barrier buster. First, a simple API allows you to spin up a Jira project and git repository in minutes for new projects. Charged on demand, this means that a place for collaboration can be created quickly and for as many projects as needed for migration, refactoring or new development. Regardless of project status, there’s a place to store the artifacts and discuss the right landing zone and architecture.

Second, managed DevSecOps would include the ability to submit cloud formation infrastructure templates via AWS CodeCommit or Amazon S3. Templates would be automatically evaluated for security and operational standards and put in a queue for approval and deployment to the target environment. Security and operations experts would manually evaluate the code following the automated validation to ensure operational readiness, and then deploy to the fully managed environment either as a new deployment or as an update to an existing environment.

Any issues found in the automated validation, manual review, or in an ongoing run would be submitted directly into the backlog on Jira, and/or filed as a ticket in ServiceNow, and/or automatically remediated. Plus, additional advisory and consulting resources from across the technology spectrum could be granted access to Jira and the git repository as needed to do anything from a simple lift and shift migration, to re-architecting for the cloud or building an entirely new service.

End to end, managed DevSecOps breaks through that last, critical barrier to provide companies with an array of services in a collaborative fashion on demand. It establishes the virtuous cycle with the operations team providing feedback to the developers and product owner, who then make improvements which are deployed by the operations team, and the cycle repeats.

By combining managed services with application development, cloud security and architecture services in a single seamless experience, managed DevSecOps can provide a better experience than is available anywhere else in the industry.

Eric-Moore-headshotEric Moore is Chief Technologist for the AWS Integrated Practice at DXC Technology. He is experienced in cloud computing, architecture and automation with a background in operations, business consulting, and security.

Speak Your Mind


This site uses Akismet to reduce spam. Learn how your comment data is processed.