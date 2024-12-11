Stage 1: Development automation

Infrastructure automation (IaC) and pipeline automation are self-contained within the development team, which makes automation a great place to start. In this stage, the focus is building an enterprise catalog of continuous integration, deployment and testing (CI/CD/CT) and Ops patterns with necessary tooling integrations to automate core development and testing activities. Given enterprise complexity, the most difficult part of this stage is the automation of testing capabilities (wherein test data preparation and execution of test cases across multiple systems is mostly semi-automated). Overall Cloud Capability Centre (CCC), or the equivalent core team, plays a significant role in driving change with application and platform teams.

Stage 2: Institutionalize pattern-driven model

CCC (or its equivalent) works with the architecture board to establish a suite of repeatable patterns (including atomic patterns representing individual cloud services, as well as composite application patterns comprising of multiple cloud services). The architecture review process (along with other related review processes) is modified to institutionalize pattern-centric architecture representations with a backlog established for different groups (such as platform engineering and CCC) to build these patterns as code. This helps adoption and acceleration. Over time, the applications being represented appear as a set of patterns that standardizes development models across the board. In addition, teams such as business continuity, resiliency and security will leverage those patterns (for example, highly available multi-region architectures) to recognize and accelerate approval gates with a standardized approach. They key to this alignment is the co-creation of these patterns between participating organizations.

Stage 3: Self-service and cross-functional integration

Enterprises have many organizations that want to see that cloud applications follow their guidance and best practices. This stage focuses on integrating cross-functional teams (such as security, compliance and FinOps) through automation, tooling, codified patterns or self-service options. This builds on the earlier stages to emphasize meaningful participation between teams. The key aspects of this stage are to:

Build and align high-availability patterns with resiliency teams where reviews get accelerated, demonstrating adherence to these patterns.

Codify security and compliance requirements into the patterns and guardrail them on the platform as set of policies.

Address validation by integrating tooling, such as vulnerability scans, policy check tools (like cloud formation guard for AWS) and container security with the pipelines following shift-left principles.

Enlist enterprise records teams to study a set of data classification and retention patterns and enlist FinOps teams to assess for appropriate tagging and quota adherence.

Build AuthN/AuthZ integration patterns that abstract nuances and standardize authentication and authorization of applications, data and services.

Automate firewall via generation of resource files from IaC execution & importing them to firewall systems as described here (link resides outside ibm.com).

Platform Engineering enterprise catalog offering multiple self-serve capabilities.

Stage 4: Automated pathway to deploy

This stage focuses on decentralization and decoupling of various enterprise groups while simultaneously integrating them through automation and DevSecOps. One example is the automation of change management processes, including automated release notes generation, where the system autonomously constructs comprehensive change review checklists by aggregating data from multiple interconnected systems. This results in trust, efficiency and accuracy in reviews. This holistic approach represents a significant leap in operational efficiency and risk mitigation for the enterprise.