Deployment pipelines can be hosted in the cloud, especially as testing environments can highly benefit from cloud elasticity, repetitive clean setup and better consistency among different environments. Cloud hosting security aspects shall be take place (cf. Application Design Considerations) and enhanced by other security considerations:
- Lock down your pipeline environment most of the time and track all changes to the pipelines.
- Integrate continuous security testing throughout the pipeline, which includes:
- IDE / pre-commit analysis
- Build and integration servers
- End-to-End testing environments
- Integrate security monitoring in the production environment (cf. Netflix Conformity and Security Monkeys / Simian Army).
- Team down testing environments every time the repsective tests are finished, at least regularly. This reduced the risk of long-running instances and provides an opportunity to update security patches before relaunch.
- Automate the pipelines as much as possible through infrastructure-as-a-code, and promote code reuse, especially for improving environment consistency between various testing and production environments. This includes automating security operations through security vendors\’ APIs.
- Consider encrypting sensitive logs and test data (in any resource state).
- No direct change is permitted to any of the environments without going through the pipeline (and its change tracking). For diagnosis, try to use monitoring data, shpped logs, and a replicated environment as much as possible without directly accessing and modifying an environment.
- Test your infrastructure code (not just application code) for security vulnerabilities, e.g. by utilizing Sonar Cube.
- Be able to generate regular conformance and auditing output through automation.