Modernizing your database processes with DevSecOps...DBmaestro Moderniing your database processes...
Transcript of Modernizing your database processes with DevSecOps...DBmaestro Moderniing your database processes...
Modernizing your database processes with DevSecOps
Modernizing your database processes with DevSecOpsDBmaestro
1
2
6
7
9
10
11
Introduction
The Shift to DevSecOps
Database Flow
Comprehensive Security
Managing “Drift”
Transparent Auditing
Conclusion
Table of Contents
Modernizing your database processes with DevSecOpsDBmaestro
1
Not long ago, companies enjoyed the luxury of releasing new
products and services occasionally. In those days, developers
might work for weeks, months, even years, accumulating database
changes across a mix of update scripts and shared development databases.
When it was time for the infrequent release, the burdens of assembling,
ordering, and dealing with potential conflicts and deployment issues
typically fell squarely on database administrators (DBAs). It wasn’t
uncommon for DBAs to invest significant effort installing/upgrading
production or customer sites manually, often because their databases
had long since “drifted” from the prior release schema. And that’s to say
nothing of the hair-whitening, wee-hours work involved in recovering after
unforeseen issues.
The DevOps movement has effectively rendered that a competitive
impossibility. The window between releases has shrunk in many
industries from years to weeks, days, even hours, all in the quest to deliver
incremental value to the customer more quickly and increase market share.
Such “heavy”, manual processes are simply unworkable at those speeds.
In this document, we will describe four pillars to building the infrastructure
you need to shift your database development into high gear and succeed in
today’s environment.
Introduction
Modernizing your database processes with DevSecOpsDBmaestro
2
The Shift to DevSecOps
This is precisely why various tools have come (and gone) since the dawn
of the DevOps revolution, pioneering techniques to bring database power
back to “the people”. Today’s developers enjoy a variety of offerings that
provide assistance and guidance in their database interactions.
For example, database source generation, compare & sync tools have
made it possible to focus on a database model, shared and versioned via
simple text files just like traditional code, and (more or less) detect and
synchronize changes between said model and live databases hosted by
various SQL servers. Tools to manage snapshots, clones, even generate
complex rollback scripts, have also made it safer to manage the install/
upgrade process for customers.
Modernizing your database processes with DevSecOpsDBmaestro
3
This “democratization of database development” has helped, but it
overlooks a simple, painful truth: developers are not DBAs (generally
speaking). Giving developers increased database power has made it
easier than ever before to deploy bad schemas, sub-optimal procedures
and execution paths, and that’s to say nothing of the painful wiping-the-
production-database anecdotes that litter the online graveyard of less-
fortunate companies.
Image 1: Democratization Of Database Development
DBmaestroThe Old Way
Database Database
Developers
DBAs
Security Control
Developers & DBAs
Database Release Automation
Modernizing your database processes with DevSecOpsDBmaestro
4
The resulting trajectory of DevOps today is toward bringing together not
only developers and operations, but increasing security, control, auditing,
and visibility at every level. It’s not enough simply to build, test, and deploy
new releases as quickly as possible. Winning organizations must accept
that great database power requires great database responsibility: during
development and continuous integration (CI), continuous testing (CT), and
continuous delivery (CD).
DevSecOps
Security OpearationsDevelopment
Image 2: Development + Security + Operations = DevSecOps
Modernizing your database processes with DevSecOpsDBmaestro
5
The tricky part is building the proper database “civic infrastructure” to
serve and protect along the way, striking just the right balance between
freedom and security. Developers need the freedom to iterate quickly—
even fail badly and learn from their mistakes. But that freedom needs to
end where production/customer security concerns begin.
A pipeline mechanism
to enable database change integrations
Security measures with granularity
and focus to match capability with understanding
Database compare and merge
capabilities to catch and manage
“configuration drift”
Transparent auditing for every significant action
at each step of the process
1
We suggest there are four pillars for success:
3 42
Modernizing your database processes with DevSecOpsDBmaestro
6
Developers have long enjoyed source control systems and CI tools that
automate integration of “code drops” from multiple teams into a single,
production build, but database development has lagged behind. What’s
needed is a similar pipeline approach to structure and control the flow of
database changes.
The goal is to allow teams to work in isolation yet incrementally push
their results through a tightly controlled series of stages, all the way
from integration to production. Such a framework allows the freedom
developers need to iterate quickly, yet maintains sufficient control of
their results to review and ultimately validate all the changes before
they’re pushed to production.
Database Flow
Modernizing your database processes with DevSecOpsDBmaestro
7
Image 3: Breaking Down Different Roles/Permissions and enforcing policies
Denied Acess
Partial Acsess
Unlimited Acess
Experienced Developers
DBAs
New Developers
All developers may be created equal, but not all developers are equal—
especially when it comes to working with today’s SQL databases.
Whatever tools you choose, they should offer sufficiently flexible and
finely-grained security to achieve the proper balance across your entire
DevSecOps pipeline.
Comprehensive Security
Modernizing your database processes with DevSecOpsDBmaestro
8
It’s relatively common, for example, to restrict deployment of particular
applications to specific environments, but this is only the final step. A
more comprehensive approach should include more subtle controls as
well, such as ensuring that only those developers who actually understand
the implications of a sensitive operation, say dropping a key table or
reconfiguring a crucial index, have the permissions and capability to do so.
It’s also important to consider different vectors of delivery for database
changes, as developers can be surprisingly resourceful (even downright
crafty at times). A tool that lets you secure features in its own interface
is helpful, but developers with access to the database vendor’s GUI can
simply work around it. And in the end, developers can always write their
own code to execute statements directly in the database engine. They are
developers after all.
In short, you need to ensure that your tools allow only what you wish to
happen. Otherwise, you’re leaving yourself open to new-guy-nightmare
scenarios, like accidentally wiping years of work with a single, poorly-
understood command.
Modernizing your database processes with DevSecOpsDBmaestro
9
And of course, the real world isn’t a model, so let’s be honest: sometimes
things happen to production databases that shouldn’t. Even those who
know better are sometimes forced to deploy a “hotfix” to make it through
the business day. So whatever tools you choose, you’re going to need a way
to handle such “drift” from the model before you deploy any new changes.
Otherwise – you are at risk of overriding new changes with outdated ones.
Image 4: The risk arising from simple two-way compare
Two -Way Compare Three -Way Merge
Compare Compare Compare
Override
Database Model 1
A AB B
Database Model 2
C C
Conflicts Conflicts
Known - Good Baseline
Database Model 2
Database Model 1
Merge
Managing “configuration Drift”
Modernizing your database processes with DevSecOpsDBmaestro
10
The trickiest part of the whole process is sometimes the process itself,
making sure that everything is proceeding according to plan. And this can
be especially painful in the increasingly litigious world we occupy. Proper
reporting for compliance, particularly when criminal or civil liability may be
involved, is crucial to the long-term survival of any organization.
You need answers to the big questions, if you want to defend yourself at
any arbitrary level of scrutiny. Your tools should track and let you approve
every change, and provide solid audit trails for chasing down any issues. In
short, you always need to know who made the change, what objects were
involved and where they were altered, when it all occurred, and why it
happened—just like traditional source control systems. Otherwise, you’re
practically begging for trouble at your next compliance audit.
Transparent Auditing
Headquarters: 300 Baker Avenue, suite 300, Concord, MA 01742, USA +1 978.405.3368EMEA Headquarters: 21 Yagiya Kapaim st. Petach Tikva 4900101, Israel +972.3.9248558
Copyright © 2017 DBmaestro. All rights reserved. DBmaestro is registered trademarks of DBmaestro. The DBmaestro Logo is a trademark of DBmaestro. All other trademarks used herein are the property of their respective owners.
Follow Us:
The question isn’t whether you need to replace older, “heavy”, manual
deployment and release processes; it’s how long you can survive in today’s
environment until you do. Your tools must strike the right balance between
developer liberty/capability, DevSecOps control, and database control, so
choose wisely.
Conclusion