Book Image

Enterprise DevOps for Architects

By : Jeroen Mulder
4 (1)
Book Image

Enterprise DevOps for Architects

4 (1)
By: Jeroen Mulder

Overview of this book

Digital transformation is the new paradigm in enterprises, but the big question remains: is the enterprise ready for transformation using native technology embedded in Agile/DevOps? With this book, you'll see how to design, implement, and integrate DevOps in the enterprise architecture while keeping the Ops team on board and remaining resilient. The focus of the book is not to introduce the hundreds of different tools that are available for implementing DevOps, but instead to show you how to create a successful DevOps architecture. This book provides an architectural overview of DevOps, AIOps, and DevSecOps – the three domains that drive and accelerate digital transformation. Complete with step-by-step explanations of essential concepts, practical examples, and self-assessment questions, this DevOps book will help you to successfully integrate DevOps into enterprise architecture. You'll learn what AIOps is and what value it can bring to an enterprise. Lastly, you will learn how to integrate security principles such as zero-trust and industry security frameworks into DevOps with DevSecOps. By the end of this DevOps book, you'll be able to develop robust DevOps architectures, know which toolsets you can use for your DevOps implementation, and have a deeper understanding of next-level DevOps by implementing Site Reliability Engineering (SRE).
Table of Contents (21 chapters)
1
Section 1: Architecting DevOps for Enterprises
7
Section 2: Creating the Shift Left with AIOps
13
Section 3: Bridging Security with DevSecOps

Understanding zero trust principles

Zero trust really means zero trust, for starters. The principles of zero trust have gained a lot of traction in IT security over the past few years, and for a good reason. Attacks don't just come from the outside, but also from the internal networks in enterprises. Zero trust advocates that any user, or maybe every identity, is authenticated, regardless of whether the user is inside or outside the enterprise's network. When authenticated, the user must be validated against security policies and authorized before access to applications is granted. Data access should only be granted through verified applications to which users are authenticated and authorized.

Before we learn how this would work in DevSecOps, and particularly in Continuous Integration/Continuous Deployment (CI/CD) pipelines, we need to have a deeper look at the principles of zero trust.

Zero trust starts with knowing who's in the enterprise's network. There...