Zero Touch Prod - Towards Safer and More Secure Production Environments

Explore the concept of Zero Touch Prod (ZTP) in this 39-minute conference talk from SREcon19 Europe/Middle East/Africa. Dive into strategies for creating safer and more secure production environments by minimizing human interaction. Learn how Google Switzerland's experts, Michał Czapiński and Rainer Wolafka, address the risks of outages caused by human errors and potential insider threats. Discover principles and tooling that enable production changes through automation, safe proxies, and audited break-glass procedures. Examine scenarios, reliable automation techniques, and the power and responsibility of human operators. Understand key concepts such as transient access, unilateral access, peer review, and proxy approval. Gain insights into assessing and tracking ZTP adoption, its benefits, and considerations for implementation. Explore topics like security checks, rate limiting, and the potential for open-source solutions in this comprehensive overview of Zero Touch Prod methodology.

Intro
Scenarios
Reliable Automation
Humans
We wield big power
Responsibility and temptation
Assumptions
Who can run
Transient access
Unilateral Access
Peer Review
Proxy Approval
Assessing and tracking adoption
Conclusion
Proxy Benefits
Quote
Who defines security checks
Ratelimiting
Adoption rate
Open source