Episode 33 — Production vs Non-Production: separation, blast radius, and governance
Separation between production and non-production is a recurring architectural requirement because it reduces risk, supports governance, and prevents testing from becoming an outage. This episode defines production as the environment that must meet strict availability, integrity, and accountability expectations, while non-production environments exist to support development, testing, and validation with controlled risk. It first focuses on why separation matters: shared resources allow configuration mistakes to cascade, shared identity and DNS can create unintended access, and shared data can introduce compliance violations if sensitive content is handled improperly. It also explains separation options at different layers, including network segmentation, distinct accounts or subscriptions, isolated domains and name zones, and separate logging and monitoring contexts that reduce noise and improve incident clarity. The episode frames separation as a deliberate blast-radius strategy rather than an arbitrary rule.