HashiCorp - Cloud Maturity Quiz

To what extent do your teams leverage infrastructure as code (IaC) to provision cloud services?

Not at allSome teams are using independentlyMany/all teams are using independentlyMany/all teams are using as a common shared service

To what extent do you enforce governance and policy through code?

We have no policy enforcement through codeWe have a few policies we enforce through policy as codeWe have many policies we enforce through policy as codeWe have complete enforcement of all required policies through code

To what extent are developers able to truly self-provision (no ticketing, etc.) preapproved application infrastructure patterns?

We offer no self-service capability for infrastructure provisioningWe offer self-service, but it is still connected to a ticketing/approval chain (not fully automated)We offer self-service of limited deployment optionsWe offer a robust portfolio of self-service infrastructure provisioning options

How centralized is your secrets management process?

We don’t have a centralized process or consistent approach for managing secrets. Some teams store and access secrets within cloud applications and infrastructure they use. Across the organization, we leverage multiple secrets management tools but don’t have centralized visibility or policy.We use a single secrets management tool to centralize visibility and policy of secrets across clouds, applications, and on-premises environments.

What is the average time period between secret rotation?

Less frequently than once per yearAt least annuallyAt least quarterlyAt least monthly

To what extent do you dynamically generate and manage ‘just-in-time’ secrets?

We do not do this at allWe offer this for a few critical systems/applicationsWe offer this for many systems/applicationsWe only use dynamic secrets

To what extent are you able to provide developers with privileged access to critical systems without requiring users to see sensitive credentials?

We provide access through private networks but our developers store credentials to critical systems in their own local environments.We provide privileged access to some systems for developers, but they still can read or handle credentials.We provide privileged access to our most critical systems and obfuscate some credentials.We provide passwordless experience for developers and enforce a zero trust and/or least privilege approach for access to all critical systems.

Almost there! Your results are on the way. But first, please tell us a little more about yourself.

First Name

Last Name

Phone

Business Email

Company

Country

By submitting this form, you acknowledge and agree that HashiCorp will process your personal information in accordance with the Privacy Policy.