Identifying and risk-evaluating drifts in Infrastructure as Code (IaC)-managed infrastructures

Méndez Alvarez, Laura (2024) Identifying and risk-evaluating drifts in Infrastructure as Code (IaC)-managed infrastructures. Masters thesis, Dublin, National College of Ireland.

Preview	PDF (Master of Science) Download (4MB) | Preview
Preview	PDF (Configuration Manual) Download (778kB) | Preview

Abstract

This study investigates the impact of drifts in IaC-managed infrastructures. Using an empirical approach, I created virtual machines in three different clouds (AWS and Azure) using two different IaC tools (Terraform and Pulumi). In each virtual machine, the parameters were changed directly in each cloud console, so drifts between the state of the IaC tool and the real infrastructure were generated, identified, and classified according to the risk. Each case study was analyzed to extract key information about the context of drift, causes, and outcomes in terms of security and operational effects. The findings in this paper showed that drifts are inevitable, but monitoring and observability help when using IaC-managed infrastructures to mitigate risks that could lead to unexpected behaviour.

Item Type:	Thesis (Masters)
Supervisors:	Name Email Gupta, Punit UNSPECIFIED
Subjects:	Q Science > QA Mathematics > Electronic computers. Computer science T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science T Technology > T Technology (General) > Information Technology > Cloud computing
Divisions:	School of Computing > Master of Science in Cloud Computing
Depositing User:	Ciara O'Brien
Date Deposited:	04 Jul 2025 08:28
Last Modified:	04 Jul 2025 08:28
URI:	https://norma.ncirl.ie/id/eprint/8036

Actions (login required)

View Item