Deployment Controls
Control Code: KCC2
TLDR: Deployment controls are enforced in the pipeline and environments
Rationale: Ensuring only compliant, approved software deployments are made to production
Background
We use deployment controls to automatically ensure we only deploy software that has gone through our Software Development Lifecycle. This can be implemented as a gate in the pipeline, or as an admission controller in the environment (ideally both).
How we implement this control
- We use Kosli’s assert artifact command prior to deployment
- We use Kosli’s environment monitoring to alert on non-compliant workloads
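A sketch of the pipeline gate described above, as an added example and not Kosli's own pipeline code: the deploy step runs only if `kosli assert artifact` exits zero for the artifact's SHA-256 fingerprint. It assumes `KOSLI_API_TOKEN` and `KOSLI_ORG` are exported by the CI system; the function names, flow name and deploy command are hypothetical placeholders.

```shell
#!/bin/sh
# Added example: fail-closed deployment gate around `kosli assert artifact`.
# Assumes KOSLI_API_TOKEN and KOSLI_ORG are exported by the CI system.
# The flow name and deploy command passed in are hypothetical placeholders.
# Usage (placeholder names): gate_deploy build/app.tar.gz my-flow ./deploy.sh production

# SHA-256 fingerprint of a single-file artifact.
fingerprint_of() {
  sha256sum -- "$1" | cut -d' ' -f1
}

# gate_deploy ARTIFACT FLOW DEPLOY_CMD [ARGS...]
# Returns: 0 deployed, 1 non-compliant, 2 cannot fingerprint, 3 changed after check.
gate_deploy() {
  artifact=$1; flow=$2; shift 2
  [ -f "$artifact" ] || { echo "gate: no such artifact: $artifact" >&2; return 2; }
  fp=$(fingerprint_of "$artifact")
  [ "${#fp}" -eq 64 ] || { echo "gate: could not fingerprint $artifact" >&2; return 2; }

  # Any non-zero exit (non-compliant, unknown artifact, API unreachable)
  # blocks the deploy, so the gate fails closed.
  if ! kosli assert artifact --fingerprint "$fp" --flow "$flow"; then
    echo "gate: $fp not compliant in flow '$flow'; refusing to deploy" >&2
    return 1
  fi

  # Re-hash right before deploying so the bytes shipped are the bytes asserted.
  if [ "$(fingerprint_of "$artifact")" != "$fp" ]; then
    echo "gate: $artifact changed after the compliance check" >&2
    return 3
  fi

  # The artifact path is appended as the last argument of the deploy command.
  "$@" "$artifact"
}
```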