Never do this
> "We started asking developers to think about things like monitoring and resilience"
> Yep, devs are idiots and never think about such things.
Actually, asking developers to think about such things is a very smart thing to do. Not because devs are idiots. But because devs take the requests from the requestors, e.g. The Business, whom are not always cognizant about putting in requests about monitoring, resilience or security.
By explicitly telling the devs to think about such things, you put those on the requirements lists, and the devs can now work their magic to flash out what exactly is needed to be implemented.
When requirements are not specificified, that's when things go bad: requestors will assume that those are "built in" by default and they don't have to bother mentioning them; devs will assume that if something was not mentioned, then it's not needed. Assumptions all around, which we all know how well they work out...