August 2021 Summaries
3 posts from Humanitec
Filter
Month:
Year:
Post Summaries
Back to Blog
Humanitec, an Internal Developer Platform, has made Role-Based Access Control (RBAC) generally available to Operations teams and Managers, allowing them to control access to certain information and actions such as deployments to production. RBAC is a way of managing authorization where permissions are collected into roles assigned to users based on their job or function within the organization. This makes managing permissions easier by considering the job a user has rather than exact permissions on a case-by-case basis, reducing maintenance and security risks and preventing accidental changes to sensitive areas. In Humanitec, RBAC enables developers to collaborate efficiently without worrying about security issues, with roles covering Organization, Application, and Environment Types, including Member, Manager, Administrator, Viewer, Developer, and Owner Roles. The "Principle Of Least Privilege" (POLP) is recommended when planning the RBAC strategy to ensure users have only the minimum set of permissions necessary for their job, making it possible to limit access to production environments, applications, and resources based on user roles and responsibilities.
Aug 31, 2021
979 words in the original blog post.
This article discusses the importance of striking a balance between giving developers autonomy to "build it" and allowing them to "run it", which is a fundamental principle of DevOps. However, many teams get this balance wrong, either by overwhelming developers with too much complexity or by not providing enough guidance and abstraction. The author argues that developer self-service is often misused as an excuse for shifting work left or belittling developers. To avoid these pitfalls, the article suggests considering the "cognitive load" tradeoff, which involves determining how much complexity and autonomy to give developers based on their individual capabilities and preferences. The ideal approach is to provide golden paths that abstract away complex tasks while still allowing developers to make choices and learn new skills. By communicating effectively with developers and iterating with them, teams can build self-service setups that are both empowering and manageable.
Aug 27, 2021
2,235 words in the original blog post.
The goal of DevOps is to increase efficiency and collaboration between teams by automating repetitive tasks. However, simply automating tasks does not guarantee success in DevOps. A balance must be found between automation and human involvement. Automation helps gain visibility, streamlines processes, and provides near-continuous feedback, but over-automation can lead to inefficiencies and a loss of control. To achieve the right balance, it's essential to plan carefully, start small, and focus on automating the most critical tasks first. The key is to understand what your team does and how they work, and then identify areas for improvement. Building upon established standards and best practices can also help streamline processes. Automating fundamental building blocks such as version control, CI/CD, and infrastructure provisioning can significantly improve efficiency. By measuring and iterating on automated processes, teams can continuously improve and optimize their workflows. Ultimately, the goal is to create a working environment where developers can "self-serve" without relying on an Ops team or repetitive tasks.
Aug 12, 2021
1,955 words in the original blog post.