How do you separate the production environment from testing or development environments?
Alloy maintains a clear separation between its production environment and testing/development environments through a multi-tiered approach:
Distinct Environments:
Alloy employs four distinct environments: Labs, Orbs, Staging, and two Production Environments (UK and AU). This demarcation ensures that each phase of software development and testing occurs within dedicated spaces, preventing inadvertent interactions between development and production systems.
Parameterized Templated Pipelines:
Deployment processes are orchestrated using parameterized templated pipelines. These pipelines are designed to deploy applications and services in a consistent manner across various environments, while adapting to the specific resource configurations required for each environment. This guarantees that deployments remain identical in structure, yet customized to their respective environments.
Role-Based Access Control:
Access to execute production or staging pipelines is strictly restricted to authorized individuals. This role-based access control ensures that only authorized personnel are capable of initiating deployments to these critical environments. This approach minimizes the risk of unintentional or unauthorized changes affecting production or staging systems.
Limited Access to Deployed Resources:
Engineering teams are not granted direct access to deployed resources in production or staging environments. This restriction prevents any direct modification or contamination of these environments by the development teams. By isolating access, Alloy significantly reduces the potential for unintended interactions that could impact the stability and security of live systems.
Private VPCs for Each Environment:
Resources within each environment are contained within private Virtual Private Clouds (VPCs). This setup enforces isolation and prevents communication between environments. Even in the event of accidental networking configuration, the isolated VPCs ensure that no unauthorized or unintended interaction can occur across environments.