Chapter 11. Governance and Standardization: Finding the Balance

One of the selling points of microservices is the ability to choose “the right tool for the job.” But being flexible on programming languages or data storage layers increases the complexity of your estate, and can increase both cost and risk.

You need to find the right balance.

In this chapter, I’m going to dig into how to manage the process of making choices about the technology you use.

I want to start by talking about why you need to know your estate: what technologies are being used, and what versions. This is important because it helps you to keep on top of risks around security vulnerabilities and costs.

I’ll then move on to guardrails, which guide people to do the right thing and keep them safe. Guardrails are more effective than rules and restrictions when you have an autonomous empowered team. They help to make sure everyone understands what they are expected to do and why.

Finally, it’s good to show people where to focus their efforts: give them insight into the current state of their systems and provide guidance on what to do next to make things better. This insight also helps when you have to respond to issues—for example, subject access requests or security vulnerabilities.

But let me start by defining what I mean by governance and explaining why it’s important.

Why Governance Matters

Governance is about reducing technical risk, and inevitably involves some level of standardization. This might not be ...