See: Data Science on AWS: Implementing End-to-End, Continuous AI and Machine Learning Pipelines 1st Edition
“An integrated development environment (IDE) is a software application that provides comprehensive facilities to computer programmers for software development. An IDE normally consists of at least a source code editor, build automation tools and a debugger. Some IDEs, such as Visual Studio, NetBeans and Eclipse, contain the necessary compiler, interpreter, or both; others, such as SharpDevelop and Lazarus, do not.” (WP)
“The boundary between an IDE and other parts of the broader software development environment is not well-defined; sometimes a version control system or various tools to simplify the construction of a graphical user interface (GUI) are integrated. Many modern IDEs also have a class browser, an object browser, and a class hierarchy diagram for use in object-oriented software development.” (WP)
“DevOps is the buzzword these days in both software and business circles. Why? Because it has revolutionized the way modern businesses do business and, in the process, achieved milestones that weren’t possible before.” On this site, “you’ll learn what DevOps is, how it evolved, how your business can benefit from implementing it, and success stories of some of the world’s biggest and most popular companies that have embraced DevOps as part of their business.” (DMH)
“DevOps – or Development and Operations – is a term used in enterprise software development that refers to a kind of agile relationship between information technologies (IT) operations and development. The primary objective of DevOps is to optimize this relationship through fostering better collaboration and communication between development and IT operations. In particular, it seeks to integrate and activate important modifications into an enterprise’s production processes as well as to strictly monitor problems and issues as they occur so these can be addressed as soon as possible without having to disrupt other aspects of the enterprise’s operations. By doing so, DevOps can help enterprises register faster turnaround times, increase frequency of deployment of crucial new software or programs, achieve faster average recovery times, increase success rate for newly released programs, and minimize the lead time needed in between modifications or fixes to programs.” (DMH)
“DevOps is crucial for the success of any enterprise because, by nature, enterprises need to segregate business units as individually operating entities for a more efficient system of operations. However, part of such segregation is the tendency to tightly control and guard access to information, processes and management. And this can be a challenge, particularly for the IT operations unit that needs access to key information from all business units in order to provide the best IT service possible for the whole enterprise. Simply put, part of the challenge in segregating business units into individually operating ones that are independent of each other is the relatively slow flow of information to and from such units because of bureaucracy.” (DMH)
“Moving towards an organizational culture based on DevOps – one where the enterprise’s operations units and IT developers are considered as “partners” instead of unrelated units – is an effective way to break down the barriers between them. This is because an enterprise whose culture is based on DevOps is one that can help IT personnel provide organization with the best possible software with the least risk for glitches, hitches, or problems. Therefore, a DevOps-based organizational culture is one that can foster an environment where segregated business units can remain independent but, at the same time, work very well with others in order to optimize the organization’s efficiency and productivity.” (DMH)
Infrastructure as code (IaC) is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. The IT infrastructure managed by this process comprises both physical equipment, such as bare-metal servers, as well as virtual machines, and associated configuration resources. The definitions may be in a version control system. It can use either scripts or declarative definitions, rather than manual processes, but the term is more often used to promote declarative approaches.
IaC grew as a response to the difficulty posed by utility computing and second-generation web frameworks. In 2006, the launch of Amazon Web Services’ Elastic Compute Cloud and the 1.0 version of Ruby on Rails just months before created widespread scaling problems in the enterprise that were previously experienced only at large, multi-national companies. With new tools emerging to handle this ever growing field, the idea of IaC was born. The thought of modelling infrastructure with code, and then having the ability to design, implement, and deploy applications infrastructure with known software best practices appealed to both software developers and IT infrastructure administrators. The ability to treat infrastructure like code and use the same tools as any other software project would allow developers to rapidly deploy applications.
Added value and advantages
The value of IaC can be broken down into three measurable categories: cost, speed, and risk. Cost reduction aims at helping not only the enterprise financially, but also in terms of people and effort, meaning that by removing the manual component, people are able to refocus their efforts towards other enterprise tasks. Infrastructure automation enables speed through faster execution when configuring your infrastructure and aims at providing visibility to help other teams across the enterprise work quickly and more efficiently. Automation removes the risk associated with human error, like manual misconfiguration; removing this can decrease downtime and increase reliability. These outcomes and attributes help the enterprise move towards implementing a culture of DevOps, the combined working of development and operations.
Types of approaches
There are generally two approaches to IaC: declarative (functional) vs. imperative (procedural). The difference between the declarative and the imperative approach is essentially ‘what’ versus ‘how’ . The declarative approach focuses on what the eventual target configuration should be; the imperative focuses on how the infrastructure is to be changed to meet this. The declarative approach defines the desired state and the system executes what needs to happen to achieve that desired state. Imperative defines specific commands that need to be executed in the appropriate order to end with the desired conclusion. 
There are two methods of IaC: ‘push‘ and ‘pull‘ . The main difference is the manner in which the servers are told how to be configured. In the pull method the server to be configured will pull its configuration from the controlling server. In the push method the controlling server pushes the configuration to the destination system.
There are many tools that fulfill infrastructure automation capabilities and use IaC. Broadly speaking, any framework or tool that performs changes or configures infrastructure declaratively or imperatively based on a programmatic approach can be considered IaC. Traditionally, server (lifecycle) automation and configuration management tools were used to accomplish IaC. Now enterprises are also using continuous configuration automation tools or stand-alone IaC frameworks, such as Microsoft’s PowerShell DSC or AWS CloudFormation.
Continuous configuration automation
All continuous configuration automation (CCA) tools can be thought of as an extension of traditional IaC frameworks. They leverage IaC to change, configure, and automate infrastructure, and they also provide visibility, efficiency and flexibility in how infrastructure is managed. These additional attributes provide enterprise-level security and compliance.
An important aspect when considering CCA tools, if they are open source, is the community content. As Gartner states, the value of CCA tools is “as dependent on user-community-contributed content and support as it is on the commercial maturity and performance of the automation tooling.” Vendors like Puppet and Chef, those that have been around a significant amount of time, have created their own communities. Chef has Chef Community Repository and Puppet has PuppetForge. Other vendors rely on adjacent communities and leverage other IaC frameworks such as PowerShell DSC. New vendors are emerging that are not content driven, but model driven with the intelligence in the product to deliver content. These visual, object-oriented systems work well for developers, but they are especially useful to production oriented DevOps and operations constituents that value models versus scripting for content. As the field continues to develop and change, the community based content will become ever important to how IaC tools are used, unless they are model driven and object oriented.
Notable CCA tools include:
|Tool||Released by||Method||Approach||Written in||Comments|
|Chef||Chef (2009)||Pull||Declarative and imperative||Ruby||–|
|Otter||Inedo||Push||Declarative and imperative||–||Windows oriented|
|Puppet||Puppet (2005)||Pull||Declarative and imperative||C++ & Clojure since 4.0, Ruby||–|
|SaltStack||SaltStack||Push and Pull||Declarative and imperative||Python||–|
|Ansible / Ansible Tower||Red Hat (2012)||Push||Declarative and imperative||Python||–|
Relationship to DevOps
IaC can be a key attribute of enabling best practices in DevOps – Developers become more involved in defining configuration and Ops teams get involved earlier in the development process. Tools that utilize IaC bring visibility to the state and configuration of servers and ultimately provide the visibility to users within the enterprise, aiming to bring teams together to maximize their efforts. Automation in general aims to take the confusion and error-prone aspect of manual processes and make it more efficient, and productive. Allowing for better software and applications to be created with flexibility, less downtime, and an overall cost effective way for the company. IaC is intended to reduce the complexity that kills efficiency out of manual configuration. Automation and collaboration are considered central points in DevOps; Infrastructure automation tools are often included as components of a DevOps toolchain.
Relationship to security
The 2020 Cloud Threat Report released by Unit 42 (the threat intelligence unit of cybersecurity provider Palo Alto Networks) identified around 200,000 potential vulnerabilities in infrastructure as code templates.
- ^ Wittig, Andreas; Wittig, Michael (2016). Amazon Web Services in Action. Manning Press. p. 93. ISBN 978-1-61729-288-0.
- ^ Bower, Joseph L.; Christensen, Clayton M. “Disruptive Technologies: Catching the Wave”. Harvard Business Review.
- ^ a b c Fletcher, Colin; Cosgrove, Terrence (26 August 2015). Innovation Insight for Continuous Configuration Automation Tools. Gartner (Report).
- ^ Riley, Chris (12 November 2015). “Version Your Infrastructure”. DevOps.com.
- ^ Phillips, Andrew (14 May 2015). “Moving from Infrastructure Automation to True DevOps”. DevOps.com.
- ^ “Declarative v. Imperative Models for Configuration Management: Which Is Really Better?”. Scriptrock.com. Retrieved 14 December 2015.
- ^ Loschwitz, Martin (14 November 2014). “Choosing between the leading open source configuration managers”. Admin Network & Security. Lawrence, KS USA: Linux New Media USA LLC.
- ^ Venezia, Paul (21 November 2013). “Puppet vs. Chef vs. Ansible vs. Salt”. networkworld.com. Network World. Retrieved 14 December 2015.
- ^ Garner Market Trends: DevOps – Not a Market, but Tool-Centric Philosophy That supports a Continuous Delivery Value Chain (Report). Gartner. 18 February 2015.
- ^ a b Chaganti, Ravikanth (5 January 2016). “DevOps, Infrastructure as Code, and PowerShell DSC: The Introduction”. PowerShell Magazine. PowerShell Magazine. Retrieved 11 January 2016.
- ^ https://aws.amazon.com/about-aws/whats-new/2011/02/25/introducing-aws-cloudformation/
- ^ Sturgeon, Phil (28 October 2012). “Puppet or Chef?”.
- ^ Ramos, Martin (4 November 2015). “Continuous Integration: Infrastructure as Code in DevOps”. easydynamics.com. Archived from the original on 6 February 2016. Retrieved 29 January 2016.
- ^ Infrastructure As Code: Fueling the Fire for Faster Application Delivery (Report). Forrester. March 2015.
- ^ Wurster, Laurie F.; Colville, Ronni J.; Height, Cameron; Tripathi, Somendra; Rastogi, Aditi. Emerging Technology Analysis: DevOps a Culture Shift, Not a Technology (Report). Gartner.
- ^ “Cloud Threat Report Shows Need for Consistent DevSecOps”. InformationWeek. Retrieved 24 February 2020.
- Agile software development
- Software development process
- Configuration management
- Systems engineering
- Orchestration software
- Cloud computing
- As a service
See also: Configuration management (CM)
Not to be confused with Version Control System.
In software engineering, software configuration management (SCM or S/W CM) is the task of tracking and controlling changes in the software, part of the larger cross-disciplinary field of configuration management. SCM practices include revision control and the establishment of baselines. If something goes wrong, SCM can determine what was changed and who changed it. If a configuration is working well, SCM can determine how to replicate it across many hosts.
The acronym “SCM” is also expanded as source configuration management process and software change and configuration management. However, “configuration” is generally understood to cover changes typically made by a system administrator.
The goals of SCM are generally:
- Configuration identification – Identifying configurations, configuration items and baselines.
- Configuration control – Implementing a controlled change process. This is usually achieved by setting up a change control board whose primary function is to approve or reject all change requests that are sent against any baseline.
- Configuration status accounting – Recording and reporting all the necessary information on the status of the development process.
- Configuration auditing – Ensuring that configurations contain all their intended parts and are sound with respect to their specifying documents, including requirements, architectural specifications and user manuals.
- Build management – Managing the process and tools used for builds.
- Process management – Ensuring adherence to the organization’s development process.
- Environment management – Managing the software and hardware that host the system.
- Teamwork – Facilitate team interactions related to the process.
- Defect tracking – Making sure every defect has traceability back to the source.
With the introduction of cloud computing the purposes of SCM tools have become merged in some cases. The SCM tools themselves have become virtual appliances that can be instantiated as virtual machines and saved with state and version. The tools can model and manage cloud-based virtual resources, including virtual appliances, storage units, and software bundles. The roles and responsibilities of the actors have become merged as well with developers now being able to dynamically instantiate virtual servers and related resources.
The history of software configuration management (SCM) in computing can be traced back as early as the 1950s, when CM (for Configuration Management), originally for hardware development and production control, was being applied to software development. Early software had a physical footprint, such as cards, tapes, and other media. The first software configuration management was a manual operation. With the advances in language and complexity, software engineering, involving configuration management and other methods, became a major concern due to issues like schedule, budget, and quality. Practical lessons, over the years, had led to the definition, and establishment, of procedures and tools. Eventually, the tools became systems to manage software changes. Industry-wide practices were offered as solutions, either in an open or proprietary manner (such as Revision Control System). With the growing use of computers, systems emerged that handled a broader scope, including requirements management, design alternatives, quality control, and more; later tools followed the guidelines of organizations, such as the Capability Maturity Model of the Software Engineering Institute.
- Application lifecycle management
- Comparison of open source configuration management software
- Comparison of version control software
- Continuous configuration automation
- List of revision control software
- Infrastructure as Code
- ^ Roger S. Pressman (2009). Software Engineering: A Practitioner’s Approach (7th International ed.). New York: McGraw-Hill.
- ^ Gartner and Forrester Research
- ^ Amies, A; Peddle S; Pan T M; Zou P X (June 5, 2012). “Develop cloud applications with Rational tools”. IBM DeveloperWorks. IBM.
- ^ “1988 “A Guide to Understanding Configuration Management in Trusted Systems” National Computer Security System (via Google)
- 828-2012 IEEE Standard for Configuration Management in Systems and Software Engineering. 2012. doi:10.1109/IEEESTD.2012.6170935. ISBN 978-0-7381-7232-3.
- Aiello, R. (2010). Configuration Management Best Practices: Practical Methods that Work in the Real World (1st ed.). Addison-Wesley. ISBN 0-321-68586-5.
- Babich, W.A. (1986). Software Configuration Management, Coordination for Team Productivity. 1st edition. Boston: Addison-Wesley
- Berczuk, Appleton; (2003). Software Configuration Management Patterns: Effective TeamWork, Practical Integration (1st ed.). Addison-Wesley. ISBN 0-201-74117-2.
- Bersoff, E.H. (1997). Elements of Software Configuration Management. IEEE Computer Society Press, Los Alamitos, CA, 1-32
- Dennis, A., Wixom, B.H. & Tegarden, D. (2002). System Analysis & Design: An Object-Oriented Approach with UML. Hoboken, New York: John Wiley & Sons, Inc.
- Department of Defense, USA (2001). Military Handbook: Configuration management guidance (rev. A) (MIL-HDBK-61A). Retrieved January 5, 2010, from http://www.everyspec.com/MIL-HDBK/MIL-HDBK-0001-0099/MIL-HDBK-61_11531/
- Futrell, R.T. et al. (2002). Quality Software Project Management. 1st edition. Prentice-Hall.
- International Organization for Standardization (2003). ISO 10007: Quality management systems – Guidelines for configuration management.
- Saeki M. (2003). Embedding Metrics into Information Systems Development Methods: An Application of Method Engineering Technique. CAiSE 2003, 374–389.
- Scott, J.A. & Nisse, D. (2001). Software configuration management. In: Guide to Software Engineering Body of Knowledge. Retrieved January 5, 2010, from http://www.computer.org/portal/web/swebok/htmlformat
- Paul M. Duvall, Steve Matyas, and Andrew Glover (2007). Continuous Integration: Improving Software Quality and Reducing Risk. (1st ed.). Addison-Wesley Professional. ISBN 0-321-33638-0.
- SCM and ISO 9001 by Robert Bamford and William Deibler, SSQC
- Use Cases and Implementing Application Lifecycle Management
- Parallel Development Strategies for Software Configuration Management
An item that watches a single metric over a specified time period and triggers an Amazon SNS topic or an Amazon EC2 Auto Scaling policy if the value of the metric crosses a threshold value over a predetermined number of time periods.
A webpage showing your month-to-date AWS usage and costs. The account activity page is located at https://aws.amazon.com/account-activity/.
A formal relationship with AWS that is associated with all of the following:
The owner email address and password
The control of resources created under its umbrella
Payment for the AWS activity related to those resources
The AWS account has permission to do anything and everything with all the AWS account resources. This is in contrast to a user, which is an entity contained within the account.
access policy language
A language for writing documents (that is, policies) that specify who can access a particular AWS resource and under what conditions.
access key ID
A unique identifier that’s associated with a secret access key; the access key ID and secret access key are used together to sign programmatic AWS requests cryptographically.
The combination of an access key ID (like AKIAIOSFODNN7EXAMPLE) and a secret access key (like wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). You use access keys to sign API requests that you make to AWS.