Security considerations
One of the most important consideration for Infrastructure as Code and configuration management is security. When representing infrastructure and applications for the provisioning, deployment, and configuration as code, it is quite possible to hardcode secrets and credentials within the scripts and templates, and they become part of the codebase. Even if not hardcoded within scripts and configuration documents, they might be supplied as parameters during the runtime execution by the Operations team. Either they would know the secrets beforehand or would get them from an IT administrator. In both cases, there is a possibility of security compromise.
Security is an inherent component of Infrastructure as Code for our sample application. To ensure that there are no security leaks, enough consideration and best practices are deployed while designing the artifacts. These are enterprise-scale security considerations and should be used in almost all cases. This chapter will...