NCI WEBSITE
NORMA eResearch @NCI Library

Detecting and Mitigating AWS-Specific Code Smells in Ansible Infrastructure as Code

Tools

Konka, Srikanth (2025) Detecting and Mitigating AWS-Specific Code Smells in Ansible Infrastructure as Code. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
 PDF (Master of Science)
Download (1MB) | Preview
[thumbnail of Configuration Manual]
Preview
 PDF (Configuration Manual)
Download (912kB) | Preview

Abstract

This research examines the vital problem of code smells in Ansible infrastructure-as-code (IaC) scripts specifically for AWS deployment scenarios. The research uses previously studied assessment methods in IaC quality assessment to create a new three-tiered framework for code smell detection and mitigation that integrates static analysis, program dependence graph (PDG) analysis and deep learning (DL) approaches. The method required developing multiple functional Ansible playbooks targeting AWS infrastructure deployment tasks followed by code smell pattern identification and the establishment of an advanced detection solution. The PDG analysis enables the framework to detect variable dependencies, and code smells and utilizes Multi-layer Perceptron (MLP) neural networks to recognize contextual code smells. The framework categorizes code smells into six primary types (UR1, UR2, UO1, UO2, HP1, HP2) plus security vulnerabilities, all of which affect AWS infrastructure code quality and security. Experimental evaluation included testing the framework using open-source Ansible repositories and creating test playbooks focused on AWS deployment with different roles. The unique patterns of smells found in AWS-specific infrastructure code extend previous findings and hard-coded credentials and improper error handling appear most frequently. The combined PDG-MLP detection produced higher accuracy at spotting code smells compared to traditional static analysis. The research presents both theoretical AWS code smell knowledge about Ansible infrastructure along with practical tools for practitioners including a detection optimizer and solution database.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Heeney, Sean
UNSPECIFIED
Uncontrolled Keywords: Ansible; IaC; program dependence graph (PDG); neural networks; AWS
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Cloud computing
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cloud Computing
Depositing User: Ciara O'Brien
Date Deposited: 25 Nov 2025 17:25
Last Modified: 25 Nov 2025 17:25
URI: https://norma.ncirl.ie/id/eprint/8956

Actions (login required)

View Item View Item