michael capture 2

Hands On Tech: Infrastructure as Code

Infrastructure as Code (IaC) is the management of infrastructure (networks, virtual machines, load balancers, and connection topology) through machine-readable definition files, rather than a physical hardware configuration. GigaOm Analyst Michael Levan is currently conducting research on IaC testing, an emerging sector that brings the benefits of software testing to the infrastructure management space.

IaC testing is a young field, but Levan was intrigued at the maturity he saw from a specific solution, BridgeCrew Checkov, which he describes as a leader in the space. In a recent video, Levan walks viewers through the solution, which features a UI for admins to view the results of different tests, as well a command line interface to run tests and view results. He also explores issues and priorities that IT decision makers should consider when evaluating IaC solutions.

Levan says two approaches to IaC testing are flourishing—static code analysis for IaC and Policy as Code.

“It’s going to be all about need. Some organizations may just want some static code analysis so they know what the code will do and how it will interact with systems before it runs,” he says. “Other organizations will want specific policies in place for the Infrastructure as Code from a security and compliance perspective.”

Because the space is so new, Levan says it’s critical for the engineering lead to buy a product that fits specific needs and can address the inevitable shifts that will happen over the next few years. He also notes that while there is a distinct difference between IaC and policy as code, the lines are becoming increasingly blurred. Ultimately, he says, it’s important to remember that everyone running an engineering department or writing code understands that code is code—and all code should be tested.

“It doesn’t matter if it’s application code or not, it must be tested to ensure that when the code runs, everyone has an understanding of what it’s doing, that bugs are found early on, and that iterations can be made to make it more efficient.”

View Michael Levan’s Walk-Through of Bridgecrew Checkov