Méndez Alvarez, Laura (2024) Identifying and risk-evaluating drifts in Infrastructure as Code (IaC)-managed infrastructures. Masters thesis, Dublin, National College of Ireland.
Preview |
PDF (Master of Science)
Download (4MB) | Preview |
Preview |
PDF (Configuration Manual)
Download (778kB) | Preview |
Abstract
This study investigates the impact of drifts in IaC-managed infrastructures. Using an empirical approach, I created virtual machines in three different clouds (AWS and Azure) using two different IaC tools (Terraform and Pulumi). In each virtual machine, the parameters were changed directly in each cloud console, so drifts between the state of the IaC tool and the real infrastructure were generated, identified, and classified according to the risk. Each case study was analyzed to extract key information about the context of drift, causes, and outcomes in terms of security and operational effects. The findings in this paper showed that drifts are inevitable, but monitoring and observability help when using IaC-managed infrastructures to mitigate risks that could lead to unexpected behaviour.
Item Type: | Thesis (Masters) |
---|---|
Supervisors: | Name Email Gupta, Punit UNSPECIFIED |
Subjects: | Q Science > QA Mathematics > Electronic computers. Computer science T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science T Technology > T Technology (General) > Information Technology > Cloud computing |
Divisions: | School of Computing > Master of Science in Cloud Computing |
Depositing User: | Ciara O'Brien |
Date Deposited: | 04 Jul 2025 08:28 |
Last Modified: | 04 Jul 2025 08:28 |
URI: | https://norma.ncirl.ie/id/eprint/8036 |
Actions (login required)
![]() |
View Item |