Announcing Campaigns Early Access

AUTHOR
Chris Reuter
PUBLISH DATE
October 9, 2024

Today we are announcing early access to Campaigns, our upcoming product module built to facilitate remediation of misconfigured infrastructure.

Misconfigured infrastructure

With the rise of DevOps culture, individual developers are now responsible for configuring and deploying cloud infrastructure. Due to the complexity and heterogeneity of cloud services and the unfamiliarity of most developers with infrastructure as code flavors like Terraform and OpenTofu, configuring infrastructure properly becomes a time-consuming headache.

Far too often, this headache becomes a nightmare when resources are improperly configured. Misconfiguration can lead to:

  • Security-related vulnerabilities
    • Public access to sensitive data and other resources
    • Improper networking settings
    • Overly permissive IAM
  • Unstable customer-facing applications
  • Expensive, oversized resources

We started Resourcely to help companies scale self-service infrastructure while maintaining a trusted and reliable cloud platform. Blueprints and Guardrails were created to prevent misconfiguration from ever happening. With the addition of Campaigns, we now can help companies fix their existing infrastructure while preventing misconfiguration for new work.

How Campaigns work

Campaigns allow you to define configuration standards leveraging Blueprints and Guardrails, identify and track any existing resources in violation of those standards, and automatically generate infrastructure as code that remediates that misconfigured infrastructure.

Define

When creating a Campaign, you first choose which Blueprints or Guardrails you would like to track and enforce within your existing infrastructure.

Resourcely’s Blueprints and Guardrails are flexible objects that allow you to define desired behavior. You can set cloud standards that your infrastructure should match with Blueprints and Guardrails.

With Blueprints, you could describe your ideal infrastructure pattern with as much flexibility as you would like: simply create the Blueprint, which describes one or many cloud resources, the parameters used to configure them, and any guidance around those parameters.

With Guardrails, you can describe rules that your infrastructure should meet. This is done using Really, Resourcely’s policy-as-code language, built to be easily read and written. Really supports a variety of parameters, and can even take into account context you collect from developers (such as data classification).


GUARDRAIL "[S3] Bucket Logging Required"
  WHEN aws_s3_bucket
    REQUIRE logging
  OVERRIDE WITH APPROVAL @security

Track

Once standards are defined, a Campaign can be initiated. Your existing Terraform state is examined, and resources that don’t match your requirements are listed. From here you can prioritize, exclude, or further examine resources that violate your rules.

Enforce

Facilitate the last mile of remediation with Campaigns by automatically generating and submitting PRs that bring your resources into compliance with your standards.

Using your existing tooling means that some changes can automatically pass, while more complex changes requiring a human-in-the-loop review can utilize GitHub, GitLab, or your preferred change management tooling and processes.

Campaigns Scenario

Take your company’s deployed S3 buckets. Let’s say that some of them may have been created without logging enabled, but now you want to make sure that all of your existing S3 buckets have logging enabled.

Without Campaigns, you would need to write a script to inspect existing S3 bucket configuration, list those resources, provide guidance to owners, and then project manage them to write and submit PRs.

With Campaigns, you start from PR submission without having to involve developers - automating away the tedious work that stops most misconfiguration from being resolved in the first place, and allowing everyone to focus on higher-value work.

Why Campaigns

Today, fixing misconfiguration is painful. Motivating developers to cut PRs for fixes that aren’t a high priority to them is difficult, and the complexity of cloud services makes that work slow when it does happen. Central teams find themselves in the awkward position of making asks without contributing to the solution.

Campaigns give central teams the ability to remediate their existing misconfigured infrastructure. Security, networking, auth, FinOps, and other teams can now govern existing cloud resources while streamlining the actual execution of fixes.

Available Q1 2025

Campaigns is set to be generally available in Q1 of 2025. For early access, let us know that you’re interested in Campaigns by emailing us at hello@resourcely.io, or by filling out this form. We recently announced a limited time offer related to Campaigns: for thosecustomers that purchase Resourcely by AWS re:Invent 2024, Campaigns will be included for free!

Ready to get started?

Set up a time to talk to our team to get started with Resourcely.

Get in touch

More posts

View all
September 23, 2024

Insights from the a16z Security Theme Week 2024

Takeaways from meeting dozens of security leaders at Fortune 250 companies
December 4, 2024

Making encryption easy for developers

From complex infrastructure as code to streamlined, encrypted-by-default resources
November 13, 2024

Streamline AI Adoption

Build paved roads for deploying AWS Bedrock

Talk to a Human

See Resourcely in action and learn how it can help you secure and manage your cloud infrastructure today!