As platform engineering continues to rise in popularity, there is a new side effect to watch out for: the people using the internal developer platforms aren't the people who built it. They’re not necessarily familiar with the codebase, they may not know what's powering it behind the scenes – and the platform might even have to contend with malicious users. So how is Puppet evolving to contend with this new challenge?

“Give customers the power to help themselves. Self-service options allow for faster problem resolution while reducing strain on your support teams.” – our friends at ServiceNow Self-service is a crucial component to any DevOps strategy. Many IT organizations still depend on manual and ticket-driven workflows with strong reliance on dedicated teams to make simple and frequent change requests. Unfortunately, these traditional models don’t scale.

We’re pleased to introduce updates to Puppet Enterprise that give infrastructure operations teams the insights they need to manage and protect infrastructure and complex workflows in a simple yet powerful way. With Puppet Enterprise 2021.7, teams gain automatic access control and a host of system insights related to runs and events.

Puppet 6 brought the ability to defer functions to runtime on the agent, and now we've released improvements that make this easier to do. Read on to find out more and to make sure your modules are ready to be deferred.

What is self-healing infrastructure and why do you need it? The first part is easy; it’s exactly what the name implies. It’s a methodology for creating automation that allows systems to identify and repair errors and misconfigurations without any human action. The “why” is a little more complex, but, like self-healing infrastructure, is well worth the effort.

Let's face it: no one likes patching. When I was a practitioner, we always put off patching until it was absolutely necessary. Until a business need – such as updating an application version or support ending for a version – arose, we didn't patch because "If it ain't broke, don't fix it." We all know this is a bad practice; let's remind ourselves why. The longer a system goes without being patched, the more changes will accumulate.

A new report from IDC emphasizes just how critical autonomous compliance is for companies to ensure that their digital infrastructure environments are consistently hardened, resilient, and compliant. Leaders who prioritize compliance optimize company efficiency while reducing risk. The IDC PeerScape report outlines the best practices of these leaders, who, by implementing autonomous compliance, better protect their businesses.

Government agencies are facing a rising need for changes to their IT infrastructure. This need is becoming even more urgent as they continue to migrate operations to the cloud. Leveraging modern cloud applications and resources within an existing legacy agency environment requires IT agility to maintain the balance of security while keeping pace with an agency’s mission.

This blog is the third in a four-part series about how Puppet can help government agencies meet compliance and security requirements. Read the second post here. Government agency IT departments know that migrating applications to the cloud can improve efficiency, increase visibility, and reduce costs. They also recognize the value in keeping some operation resources on-premises.

This blog is the second in a four-part series about how Puppet can help government agencies meet compliance and security requirements. Read the first post here. Zero Trust is a strategy created to combat system intrusions through a “never trust, always verify” model. DevSecOps is a collaborative software development strategy that integrates development, security, and operations practices into a continuously evolving lifecycle.