In this post we’ll take a look at why auditing is necessary for Infrastructure as Code, the benefits of having an audit trail for Terraform and other IaC frameworks (such as Terragrunt, Pulumi, CloudFormation, Kubernetes, and others), and share how you can automate your audit trail easily with env0.
How do you audit Infrastructure as Code?
All you need is a central log management system that can aggregate and parse your audit. env0 delivers a number of benefits for auditability:
Changes to infrastructure are tracked in the code repository, making it easy to see who made what changes and when.
Automatically roll back changes that cause problems.
Audit changes made by third-party vendors.
Audit log walkthrough
There are two ways to access audit logs in env0, 1) through the UI, and 2) through the API. As always, env0 gives you the flexibility to interact with your infrastructure-as-code as it suits your organization, be it programmatically or through a simple user interface. Only an Admin user can access the Audit Logs.
The audit log contains information about who performed the activity, when the action was performed, the activity’s description, and additional data like their IP address.
The audit log shows events related to changes in your:
Through the env0 UI
Go to the Organization's Settings page.
Click the Audit Logs tab.
The audit details are listed in a table.
Click the row's + sign to reveal additional activity details.
Click the Show more button at the bottom of the page to see more rows.
With this latest release, we’re continuing to deliver the enterprise-level capabilities to enable DevOps, Platform, and Infrastructure as Code teams to deliver secure software faster while ensuring compliance with internal policies or external regulations. Env0 has clearly auditable versioning of infrastructure changes, giving you the answer to questions like, “What was changed, who changed it, and when was it changed?”
We help you avoid the audit and compliance bottleneck, so you can focus on what’s important—shipping software.