Personas

Product / Service Designer

The designer determines the following for the automation around (a part of) a product or service:

  • Which modules should be used, or if new ones will be created.
  • The branching model for these modules.
  • The individual resources (packets) and how they will be structured. (database resource with user resources underneath it, for example).
  • The attributes for each resource.
  • Which actions to create (add user, restart database, reset configuration, …).
  • Defines defaults, like “at least 2 availability zones for a cluster”, …

Developer

The developer gets his input from the designer and:

  • Creates the modules in GitHub.
  • Uses Infraxys Developer to:
    • Create the resources and writes the scripts, configuration files, … for the actions.
    • Create user-friendly views that help create, manage and validate resources.
    • Create views with charts and graphs.
    • Create views that gathers costing information while a resource is added to Infraxys.
    • Write tests to validate each resource and the service / product as a whole.
    • Push his code to branches where they can be consumed by other developers and Infraxys Server environments.
  • Maintains the modules.

Project administrator

  • Determines the project-structure and teams to ensure the minimal privilege principle.
  • Assigns other project administrators to the project and to sub-projects that he’s an admin of.
  • Creates teams and adds users to them.
  • Defines the necessary environments to consume the automation resources (environment for a Vault-cluster, one or more for Vault backends, …).
  • Attaches the environments to projects and links information that should be shared.
  • Creates project-level variables (with tokens, with information on how to get credentials, …).

Security administrator

  • Creates or installs scripts that run before any action. These scripts:
    • Run Open Policy Agent (OPA) validations locally or using an external service.
    • Checks if the user that runs an action is part of specific GitHub teams, Okta groups, …
    • Enforces that someone else is needed to provide approval before the action can run (send a random code to an email-list or calls a change management system, asks the users for a ticket number and checks the state of the ticket, …).
    • Adds additional audit logging (SHA of the commit of the running action, the username that is running it, …).
  • Uses views to validate the state of resources:
    • Is everything tagged as expected.
    • Are the required Lambda functions present.
    • Which instances are not correctly registered in the vulnarability-scanning system.

Environment manager

  • Runs the actions and workflows to setup resources (AWS VPCs, Vault clusters, …).
  • Uses actions to maintain and update the environments (patching, ensuring agents are installed and correctly configured, …)
  • Uses views to validate the state of resources:
    • How many licenses are available?
    • Which users exist in system A and not in system B. Send mails to these users to register in system B.
  • Uses views to

Helpdesk employee

The helpdesk employee uses Infraxys to:

  • Fix known issues (fix is automated by a product specialist).
  • Do validations of resources when users report issues.
  • Perform maintenance on systems (patching, replacing instances, …).
  • Create and update resources like Vault backends, Quay organizations, … when requests come in.