Warning

Work in Progress: This page is currently under construction. Content may be incomplete or subject to change. To contribute, see the contribution guide.

Cloud Platforms

Patria Investments operates workloads on two cloud platforms: Microsoft Azure and Google Cloud Platform (GCP).

Principles

• Least privilege: service accounts and users receive only the permissions required for their role
• Managed identities: avoid static credentials — use managed identities and workload identity federation where possible
• Tagging & naming conventions: all resources follow the naming convention defined in Standards
• Cost awareness: resource creation in production requires prior approval from the Infra squad

Sections

• Azure
• GCP

Access request

To request access to a cloud platform:

1. Open a ticket in ServiceNow — category Access Management
2. Specify: platform, subscription/project, role required, and business justification
3. Approval is required from the resource owner and the Infra & Cloud Squad lead