An infrastructure baseline enables stakeholders in an organization to examine all resources and decide together how the infrastructure meets various compliance standards, such as NIST 800-53 or HIPAA. In the past, this type of agreement between teams was defined verbally or in a spreadsheet or as infrastructure as code, but none of these capture all the necessary details that a baseline does.
Baseline as a Complete Picture
The concept of a baseline as a complete picture of infrastructure has only become possible because of cloud computing. One analogy is comparing a map to a photograph. A map is incomplete and only focuses on certain features such as the exit numbers or street names. But a photograph shows everything with all of its details.
Before the cloud, a traditional data center was more of a map than a photograph. You could see boxes and even how they are connected, but the data center was still full of mystery. For example, if you look at a switch, you have to read the procedural code configuring the switch to understand what it is doing. But with the cloud, the infrastructure configuration is exposed and configured via an API. Everything is discoverable and can be understood. Because of this, a baseline is a 100% resolution picture of a cloud infrastructure environment that the industry has never had before.
Baselines Focus on Configuration of Cloud Services
A baseline doesn’t capture details about a cloud environment at the OS or application layers. It isn't concerned with the versions of libraries of Java frameworks that are used inside an application. A baseline is specifically focused on the configuration of cloud services or resources. The equivalent of a physical data center in the cloud with virtual servers and their respective OSes and applications will be around for decades. But in the future, this model will be less important as true cloud-native applications become more prevalent where all the details of the application are controlled by APIs. For example, with RDS, server administration is no longer as relevant, and the only accessible part of the RDS database is the API for building database schema or something equivalent. So as that transition happens, the baseline becomes more complete because the other things start to go away.