Remediating Rogue Resources in an Infrastructure as Code Multi-Cloud Environment

Administering system architectures has historically been a time-consuming and error-prone process. DevOps is a set of practices that aims, among other goals, to speed up the deployment of systems and improve their quality. One way to achieve these goals is by adopting Infrastructure as Code (IaC). IaC is the practice of describing infrastructure in code and automatically configuring systems from these definitions. This is opposed to traditional system deployment, where sysadmins configure systems manually and interactively.

As it turns out, IaC is a good fit for cloud computing. Cloud services offer system resources on demand, which can then be provisioned automatically using IaC. When adopting the cloud, companies can choose between relying on a single service provider or using multiple vendors at once. The latter scenario is called a multi-cloud environment. A key advantage of multi-cloud is avoiding vendor lock-in and reliance on a single vendor. However, each cloud vendor typically has its own product offering and its own APIs, which makes interoperability more difficult. While we can use IaC to manage systems in the cloud, it does introduce some problems. One of these is configuration drift. There is no clear definition of the term “configuration drift,” but it is often described as “undocumented configuration changes made to a running system.” In this research project we have focused on the detection and remediation of resources outside of a certain “state” that affect resources inside the “state,” which we define as “rogue resources.” We define “state” as “the collection of IaC-managed resources.” Rogue resources can introduce several problems for the defined state. For one, they can actively interfere with the functionality of IaC: if rogue resources depend on IaC-managed infrastructure, they can for example block or break deployments.

Another problem is that these rogue resources can compromise security, as they are not documented by IaC. We are therefore interested in remediating these rogue resources in order to bring the system back into a known state and avoid these risks.

In this research, we have investigated how to detect and remediate rogue resources in a multi-cloud environment. To this end, we have designed and developed a tool that implements our approach. We have limited our research scope in three ways. Firstly, while we would like to investigate the offerings of many cloud platforms, we deem this too broad a scope for this research. Therefore, we limit ourselves to two cloud platforms: Amazon Web Services (AWS) and Hetzner Cloud. We chose AWS and Hetzner Cloud because we have easy access to expertise on these providers. We chose Hetzner Cloud over another large cloud provider because we think it is important to include a smaller platform, since a smaller platform may lack services that the large providers do offer. Secondly, we identified several open source Infrastructure as Code tools specialised in provisioning that we could use for our research. Two popular tools meeting these criteria are Terraform and Pulumi. We chose Terraform because it is more widely used than Pulumi. Lastly, in terms of cloud resources, we focus our research on compute resources.

Given this scope, we are now ready to define our research question:

How to detect and remediate rogue resources in a multi-cloud environment defined by Infrastructure as Code?
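The detection step at the heart of this question can be illustrated with a small added example (not the tool from this research): it reads the IDs Terraform tracks in a state file, compares them with a listing of what actually exists at the provider, and flags every unmanaged resource, noting which managed resources it references. The state document and the inventory below are constructed samples with hypothetical IDs.

```python
import json

# Constructed sample: a minimal Terraform state file (tfstate format version 4).
# Resource IDs are hypothetical and do not belong to any real account.
TF_STATE = json.loads("""{
  "version": 4,
  "resources": [
    {"type": "aws_instance", "name": "web",
     "instances": [{"attributes": {"id": "i-0aaa111"}}]},
    {"type": "aws_security_group", "name": "web",
     "instances": [{"attributes": {"id": "sg-0bbb222"}}]}
  ]
}""")

# Constructed sample: a provider inventory flattened to (id, type, referenced IDs),
# as one would build it from the cloud API listing calls.
CLOUD_INVENTORY = [
    {"id": "i-0aaa111", "type": "aws_instance", "refs": ["sg-0bbb222"]},
    {"id": "sg-0bbb222", "type": "aws_security_group", "refs": []},
    # Manually launched instance that reuses the IaC-managed security group.
    {"id": "i-0ccc333", "type": "aws_instance", "refs": ["sg-0bbb222"]},
    # Manually created security group with no link to the state.
    {"id": "sg-0ddd444", "type": "aws_security_group", "refs": []},
]


def managed_ids(state):
    """Return the set of resource IDs that the Terraform state considers managed."""
    return {
        inst["attributes"]["id"]
        for res in state.get("resources", [])
        for inst in res.get("instances", [])
        if "id" in inst.get("attributes", {})
    }


def find_rogue(state, inventory):
    """List resources present at the provider but absent from the state.

    Each entry records which managed resources the rogue one references, so a
    reviewer can see whether it 'affects resources inside the state' or is
    merely unmanaged. Detection only: remediation (import or removal) is a
    separate, reviewed decision.
    """
    managed = managed_ids(state)
    rogue = []
    for res in inventory:
        if res["id"] in managed:
            continue
        touches = sorted(ref for ref in res["refs"] if ref in managed)
        rogue.append({"id": res["id"], "type": res["type"], "touches_managed": touches})
    return rogue
```

A real scan would additionally key inventory entries by provider and region, since in a multi-cloud setup the same comparison must be run per provider API.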

Michael Veentjer