Deploying Infrastructure as Code with CSI FastTrack

Infrastructure as Code

When you deploy your data and workloads into a public cloud you had better make sure that you get the foundations right otherwise you are opening your business up to a lot of potential risks.

But how do you get your first deployment into a public cloud right if you don’t have the specialist security and build skills in-house?

CSI’s Cloud Experts have spent a huge amount of resources developing our FastTrack services to be the best foundational cloud service that they could possibly be – and are pleased to make them available to all our customers at a fraction of the cost.

Modular Infrastructure as Code Services

FastTrack is a modular Infrastructure as Code (IaC) service that deploys a secure foundation into any of the major hyperscale clouds that CSI supports, including AWS, Azure, GCP and IBM Cloud.

To learn more about IaC, read our blogs “What is Infrastructure as Code” and “The Benefits and Challenges of Infrastructure as Code”.

It allows you to concentrate on the benefits of the public cloud without the worry of misconfigurations that leave your environment vulnerable to security breaches.

Through CSI’s FastTrack, you can specify which services you need from the cloud, how you want to connect to your chosen provider, and what you want to consume from the cloud provider.

The first stage of the deployment starts with a Scaffold which is a set of focussed cloud workshops led by our Senior Cloud Architects.

In the Scaffold, we explore the art of the possible and collect the variables required to customise the FastTrack build for your specific requirements, and collect the data needed to design your initial deployment into the public cloud.

Our engineers take this information, select the relevant modules from our FastTrack Code Repository and prepare the custom installation pipeline required to fulfil your needs in the chosen providers’ public cloud tenancy.

Click the images to learn more about FastTrack and Scaffold in our flyers:

Deploying Compliant Cloud Designs with Infrastructure as Code

CSI’s Scaffold process culminates in an initial Infrastructure as Code deployment which leverages the latest version of our FastTrack code to meet your specific use case requirements.

Additionally, the IaC design meets Microsoft, Amazon and Google best practice compliance guidelines.

During this initial automated FastTrack deployment phase, we also layer on all relevant CIS and Fedramp compliant policies to secure your environments, workloads, and data from day one.

How do I know CSI’s FastTrack Code Repository is up to date?

Internally we ensure that FastTrack is maintained just like any other software product. As new advice, guidance, and services are released by providers and security experts, we update our underlying code to incorporate any relevant changes.

With each quarterly review cycle, we increment the version numbers to identify our current release. Finally, we issue a release notification to our engineering teams so that they can identify what has changed or been enhanced between versions.

We adopt an 80/20 approach to all new cloud deployments where 80% of the FastTrack code is reused and 20% is unique to each client (such as Naming Conventions, IP addressing Schemas and Features). These variables are called via an Azure DevOps Pipeline at the point of code deployment.

Build Secure Cloud Foundations for Azure, AWS and GCP Landing Zones

FastTrack takes a modular IaC approach to build the Secure Foundations for AWS, Azure or GCP landing zones ensuring our clients get the best start in the cloud they possibly could.

We understand the risks associated with cloud misconfigurations which is why we made the decision to turn our foundational cloud deployment code into a software product that we continually improve, maintain, and have externally vetted.

By leveraging agile CI/CD methodologies in deployment and by regularly having our code reviewed by external and internal security experts, we can confidently state that FastTrack mitigates the security issues – such as those identified in this article by ThreatPost.com where opportunistic attackers exploited exposed services.

What Next?

For help with your journey to the public cloud, get in touch to find out how CSI can support you with Infrastructure as Code services and building a secure foundation in the cloud.

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	Google Recaptcha service sets this cookie to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_UA-*	1 minute	Google Analytics sets this cookie for user behaviour tracking.
_gcl_au	3 months	Google Tag Manager sets the cookie to experiment advertisement efficiency of websites using their services.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
_cfuvid	session	Description is currently not available.
VISITOR_PRIVACY_METADATA	5 months 27 days	Description is currently not available.