re: Holding a loaded rifle without knowing it VIEW POST

FULL DISCUSSION
 

By no means idiot-proof (since they'll always build a better idiot), but, to help me avoid being the source of tragedy:

  • Use different colors for dev xterms and prod xterms
  • Use per-TTY shell-history files (so no accidents happen via lazy shell-history executions)
  • Use different cloud-accounts to host dev and production services
    • If using web UI, only ever open dev and prod in specific browsers and/or profiles/sessions
    • If using CLI, make sure that each command is executed with a specific profile-name for each account and role
  • If your CSP supports it, enable termination protection on prod resources
  • Ensure use of "obvious" naming-patterns for dev and prod resources - both at the cloud-layer and within resources (instance hostnames; DB intance-names; etc.)
code of conduct - report abuse