Hacker News new | past | comments | ask | show | jobs | submit login

Is this sarcasm? What's stopping whoever does have the permissions from "sneaking code into production?" This seems like something pretty easily addressed by a combination of code signing and time-gated permissions. A small dev team may not have the time or energy to stand those systems up, but a blanket statement that it's a security concern seems like a bit much.



> What's stopping whoever does have the permissions from "sneaking code into production?"

In our arrangement, the ability to push code to production is gated by the GitHub/Azure integration path. The QA or project person who is rotating the production deployment slots (azure functions) is not granted access in GitHub to deploy to those same functions.

So, the developers pushing code and those deploying code are mutually exclusive groups. You could still defeat this with collaboration between employees or screwing with AAD records, but that's why we have a ton of audit logging turned on too.


SOC II and other audits tend to come with the same baggage- they want strict roles and separation of duties between operations and engineering.


Having worked at companies like that - usually utter incompetence of 'release engineers'.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: