Fieldbox streamlines deployment with automated Infrastructure as Code (IaC)

As part of its ongoing cloud migration, a leader in offshore energy and floating production systems, needed a system to automate the deployment of its cloud infrastructure while maintaining governance and security.

Fieldbox stepped in to design and implement an Infrastructure as Code (IaC) system using Azure and Azure DevOps, enabling developers to operate autonomously in development environments while applying strict governance protocols for staging and production.

The challenge

 

Our client’s migration to Azure faced several hurdles:

  • The company needed a solution that allowed developers to work independently within the development environment, while governance controls were enforced for the transition to staging and production.

  • A new stack in Azure DevOps had to be established to streamline development, deployment, and governance.

 

Fieldbox proposition

 

Fieldbox developed a containerized, self-hosted Azure Agent with Docker-in-docker capabilities, able to run in a pool, for each environment, overcoming current Azure limitation and enabling secure and efficient development. Key components of the solution included:

  • The use of Azure DevOps Environments and Azure Approval Gates to ensure governance during deployments.

  • Enhancement to Azure stack developed to enable authentication via Service Principals (instead of PAT tokens) for secure access to Azure components.

  • A system enforcing testing and security checks at each stage of the deployment process to ensure the integrity and security of infrastructure changes.

Results and benefits

 

Fieldbox’s IaC solution has transformed (the client’s) SBM’s deployment processes:

  • Developers gained autonomy in the development environment, accelerating iterations and innovation.

  • Transparent governance was maintained across staging and production, ensuring compliance with SBM’s internal security and operational policies.

  • Azure DevOps governance gates were integrated into SBM’s existing processes, minimizing disruption while improving security and control.