DEV Community

Cover image for Tutorial: Achieving Auto Remediation with env0
env0 Team for env0

Posted on • Originally published at env0.com

1

Tutorial: Achieving Auto Remediation with env0

In the dynamic landscape of Infrastructure-as-Code (IaC), aligning your resources with your code is a constant challenge. This misalignment, commonly known as drift, can occur when resources are manually added, updated, or removed outside of your IaC scripts. 

Enter env0, a powerful platform that offers a trio of capabilities – drift detection, scheduling, and approval policies – to facilitate what we like to call ‘smart’ auto remediation.

Auto Scheduling

Automation is the backbone of modern IT management. With env0's scheduling capability, you can automatically trigger deployments and destroys on a predefined schedule. 

This means that your environments can be kept in a consistent state, reducing the risk of drift and making sure that your infrastructure always aligns with your code.

Approval Policies

env0 brings a sophisticated touch to policy enforcement through the use of Open Policy Agent (OPA) and .rego files. These policies, located within your repository, ensure that deployments meet your organization's standards and requirements. 

During the deployment process, an approval step is executed after the plan and cost estimation phases. The deployment may then proceed, pause for further approval, or even be canceled depending on different factors—the policies, deployment type, and other relevant data.

Auto Remediation

By combining scheduling and approval policies, you achieve ‘smart’ auto remediation. 

Imagine automatically detecting drift in your environment, triggering a remediation deployment on a schedule, and ensuring that it adheres to your organization's policies before proceeding. 

This level of automation, monitoring, and enforcement keeps infrastructure 

  1. In sync with your IaC code 

  2. Compliant with your organization's standards

With our platform, you can attain ‘smart’ auto remediation that keeps your infrastructure at its best, effortlessly aligning your real-world resources with your IaC code.

env0 drift detection serves as the watchful guardian of your infrastructure. By setting up scheduled deployment tasks that conclude with an examination of the terraform plan output, env0 automatically detects drift in your environment. 

When drift is detected, you're promptly alerted so you can take corrective actions before it becomes a bigger problem.

For example, you can detect drifts in S3 buckets. If it's something simple, like missing tags, you can enable policy in a .rego file that allows for any minor changes like updates (but not deletions or creations) to take immediate effect (see the video below to watch this in action).

For a full video walkthrough, watch the tutorial.

Billboard image

Deploy and scale your apps on AWS and GCP with a world class developer experience

Coherence makes it easy to set up and maintain cloud infrastructure. Harness the extensibility, compliance and cost efficiency of the cloud.

Learn more

Top comments (0)

Billboard image

Deploy and scale your apps on AWS and GCP with a world class developer experience

Coherence makes it easy to set up and maintain cloud infrastructure. Harness the extensibility, compliance and cost efficiency of the cloud.

Learn more

👋 Kindness is contagious

Discover a treasure trove of wisdom within this insightful piece, highly respected in the nurturing DEV Community enviroment. Developers, whether novice or expert, are encouraged to participate and add to our shared knowledge basin.

A simple "thank you" can illuminate someone's day. Express your appreciation in the comments section!

On DEV, sharing ideas smoothens our journey and strengthens our community ties. Learn something useful? Offering a quick thanks to the author is deeply appreciated.

Okay