Case Study: Ephemeral Production Access for Developers
A leader in the Human Resources and Recruitment Optimization space has expanded its operations to new AWS regions and requires a manageable, dynamic, and secure way to manage access and to adhere to customer requirements while maintaining operational needs.
The company would like to provide developers access to MongoDBs on its production environment. To comply with customer compliance restrictions and to prevent human error, it requires:
Right-Size IAM – Grants developers “Just-Enough” access to resources for a “Just-in-Time” duration, reducing the chance of human-error and adhering to customer requirements.
Read-only Access to Production MongoDBs – On demand Via ChatOps
Read/Write Access to Production MongoDBs – On demand Via ChatOps with Approval
The company needed a robust solution that would provide the following:
- Scalability –The company had developed an internal solution that was not able to meet its growth. It requires a solution that can meet any scale of operations.
- Full Audit Trail – A solution that will document each step of the request/approve process including access justification, enabling full transparency of customer production access whenever it is required.
- One-Stop-Shop – A single solution that will manage permissions across all of the organization’s cloud resources:
“We rely heavily on MongoDB in our production environment. Managing access to it has proven to be a challenge to say the least. Our internal solution had its glory days but was unable to meet our welcomed growth.”DevOps Lead @ HR Company
The Solution – Apono Dynamic Access Flow
Using Apono’s platform, the company now has the ability to meet all the project requirements:
Automatic granting of Read access to developers who are within context and belong to the designated group, see access flow below:
ChatOps – Using the organization’s Slack tool, developers can now request Read/Write access in a simple, intuitive way.
- Scalability – Apono’s access flows can meet any scale and do not require adjustment according to growth.
- Full Audit Trail – Each action taken by the requester or approver and justification is recorded and can be viewed.
- Centralized Management to all cloud resources improves DevOps productivity while reducing MTTR.