58 lines
1.7 KiB
Markdown
58 lines
1.7 KiB
Markdown
# Secure Change And Deployment Guidance
|
|
|
|
## Purpose
|
|
|
|
This guidance note helps engineering and operational teams apply the change and deployment controls consistently in a cloud-native environment.
|
|
|
|
## Key Principle
|
|
|
|
The goal is not to slow change down. The goal is to make production change deliberate, traceable, and recoverable.
|
|
|
|
## What Deserves More Scrutiny
|
|
|
|
Higher-risk changes usually include:
|
|
|
|
- authentication or authorisation changes
|
|
- changes affecting production access or secrets
|
|
- Kubernetes or infrastructure changes
|
|
- CI/CD pipeline changes
|
|
- logging or monitoring changes
|
|
- customer-impacting configuration changes
|
|
|
|
## Minimum Practical Checks Before Deployment
|
|
|
|
Before a production deployment, confirm:
|
|
|
|
- the change is reviewed and approved at the right level
|
|
- the deployment path is the approved one
|
|
- rollback or recovery is understood
|
|
- monitoring exists to detect failure quickly
|
|
- any customer or operational communication need is understood
|
|
|
|
## Emergency Change Discipline
|
|
|
|
Emergency change does not mean uncontrolled change. If a shortcut is needed during an incident or outage, the record still needs to show:
|
|
|
|
- why the shortcut was necessary
|
|
- who made the decision
|
|
- what was changed
|
|
- what retrospective review is required
|
|
|
|
## Evidence To Keep
|
|
|
|
Useful deployment evidence often includes:
|
|
|
|
- change approval
|
|
- code review or pipeline traceability
|
|
- deployment timestamp
|
|
- deployment owner
|
|
- validation results
|
|
- rollback or follow-up actions where relevant
|
|
|
|
## Related Documents
|
|
|
|
- `../../01-policies/change-management-policy.md`
|
|
- `../../02-standards/ci-cd-security-standard.md`
|
|
- `../../03-procedures/change-approval-procedure.md`
|
|
- `../../03-procedures/production-deployment-procedure.md`
|