Sorry for the confusion. It's dangerous for junior developers to interact directly with cloud providers. Our motivation is to provide guard rails for developers of all skill levels to build and run their infrastructure without exposing their organization to risk.
Here are some dangers we've seen from our customers:
- Misconfigurations that result in no backups, disabled encryption, etc.
- Resources accidentally configured with Internet access
- Exposing internal secrets or credentials in source code
- Misconfiguration of IaC that results in destruction of databases
I'm not claiming that we have eliminated these dangers. Instead, our goal is to provide a platform for software teams to codify their security and compliance practices so that all developers on their team can avoid these dangers.
Here are some dangers we've seen from our customers: - Misconfigurations that result in no backups, disabled encryption, etc. - Resources accidentally configured with Internet access - Exposing internal secrets or credentials in source code - Misconfiguration of IaC that results in destruction of databases
I'm not claiming that we have eliminated these dangers. Instead, our goal is to provide a platform for software teams to codify their security and compliance practices so that all developers on their team can avoid these dangers.