The alternative is that the only thing with access to make changes in your production environment is the CI pipeline that deploys your production environment.
Neither the AI, nor anything else on the developers machine, should have access to make production changes.
I did say “and guardrails to stop a single point of failure.” A cicd pipeline itslef doesn’t protect you if it can change that too. You need the same kind of guardrails that would allow a junior dev to f things up. Require multiple people to sign off. Turn on deletion protection… those sorts of things. I work in infra, so I often have direct access to production. More than I should. But not all companies can afford to build out all the tools needed so that I don’t need production access.
What is this insane rambling?
The alternative is that the only thing with access to make changes in your production environment is the CI pipeline that deploys your production environment.
Neither the AI, nor anything else on the developers machine, should have access to make production changes.
I did say “and guardrails to stop a single point of failure.” A cicd pipeline itslef doesn’t protect you if it can change that too. You need the same kind of guardrails that would allow a junior dev to f things up. Require multiple people to sign off. Turn on deletion protection… those sorts of things. I work in infra, so I often have direct access to production. More than I should. But not all companies can afford to build out all the tools needed so that I don’t need production access.