{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreid37bsgasnmgvamum6sekxemyo2nohe6wxqkf32d6u5iyupdk5mdy",
"uri": "at://did:plc:gapzbf5nl5wxaqkqoecaeawh/app.bsky.feed.post/3mnlfrv63kzb2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreieloe7phaepxoh7iwtnr7ocf2qxolkd2mnqklne7e63hgguqi7ybm"
},
"mimeType": "image/webp",
"size": 16110
},
"path": "/risk-based-review-for-infrastructure-as-code-pull-requests/",
"publishedAt": "2026-06-05T10:45:56.000Z",
"site": "https://devops.com",
"tags": [
"Blogs",
"Business of DevOps",
"Contributed Content",
"Doin' DevOps",
"Social - Facebook",
"Social - LinkedIn",
"Social - X",
"automated review systems",
"blast radius analysis",
"change approval workflow",
"change management",
"CI/CD governance",
"cloud infrastructure",
"Cloud Security",
"deployment risk",
"deployment safety",
"devops",
"devsecops",
"Engineering Governance",
"engineering productivity",
"gitops",
"IaC review",
"infrastructure as code",
"infrastructure auditing",
"infrastructure automation",
"infrastructure change tracking",
"infrastructure compliance",
"infrastructure controls",
"infrastructure delivery",
"Infrastructure Governance",
"infrastructure observability",
"infrastructure reliability",
"infrastructure risk scoring",
"infrastructure security",
"operational risk management",
"platform engineering",
"platform operations",
"platform team workflows",
"policy as code",
"production changes",
"production deployments",
"pull request review",
"reviewer fatigue",
"reviewer workflows",
"risk assessment",
"risk-based review",
"security review automation"
],
"textContent": "Not every infrastructure pull request deserves the same review path. A tag change in a development account and a network-policy change in production should not create identical reviewer load. When every change is treated as high risk, reviewers stop trusting the signal. In IaC review, I have seen reviewers spend too much attention on low-risk changes […]",
"title": "Risk-Based Review for Infrastructure as Code Pull Requests"
}