Policy as Code Content on InfoQ
News
Styra's Policy as Code Report: Identity and Access Management Drives Adoption
The State of Policy as Code report from Styra, based on a survey of 285 U.S. developers and technical decision-makers, found that 97% of respondents believe policy as code is crucial for efficient software building in cloud environments. The report's key findings highlight policy as code's role in enhancing development efficiency, security, and simplicity.
-
AWS Open-Sources Policy-Based Access Control Language Cedar
AWS has open-sourced Cedar, their language for defining access permissions using policies. Cedar is integrated within both Amazon Verified Permissions and AWS Verified Access. Cedar can also be integrated directly into an application via the provided SDK and language specification.
-
HashiCorp Policy-as-Code Framework Sentinel Adds Multiple Developer Experience Improvements
HashiCorp has released a number of improvements to Sentinel, their policy-as-code framework. The new features include an improved import configuration syntax, a new static import feature, support for named functions, and per-policy parameter values. There are also new helper functions to determine if a value is undefined.
-
Google Cloud Adds New PCI DSS Policy Bundle to Anthos Config Management
Google has recently added a Payment Card Industry Data Security Standard (PCI DSS) policy bundle to Anthos Config Management (ACM). In its version 3.2.1, security administrators can now understand compliance with PCI DSS requirements using the Policy Controller Dashboard.
-
AWS Creates New Policy-Based Access Control Language Cedar
AWS has created a new language, called Cedar, for defining access permissions using policies. Cedar is currently used within Amazon Verified Permissions and AWS Verified Access. Created by the AWS Automated Reasoning Group, Cedar is designed to be agnostic of AWS and to make the effects of policies simple to understand.
-
Terraform Cloud Adds Dynamic Provider Credentials and OPA Support
HashiCorp has released several new features in Terraform Cloud, their managed service offering for Terraform. The new features include dynamic provider credentials, native OPA support, and the addition of projects as an organization tool.
-
Programming Your Policies: Justin Cormack at QCon San Francisco 2022
At QCon San Francisco 2022, Justin Cormack, CTO at Docker, presented "Programming Your Policies." The talk was part of the editorial track "Languages of Infra: Beyond YAML."
-
HashiCorp Enhances Terraform Drift Detection with Continuous Validation
HashiCorp released a number of new features for Terraform including continuous validation and no-code provisioning. Both features are currently in beta for Terraform Cloud Business users. Additional releases include native Open Policy Agent (OPA) support and Azure provider automation.
-
CNCF Publishes the Kubernetes Policy Management Whitepaper
The CNCF recently published a new whitepaper about Kubernetes Policy Management. The whitepaper highlights the importance of Kubernetes policy management when it comes to the security and automation of clusters as well as workloads. Also, it goes in-depth into the problems Kubernetes policies solve and the proper implementation of such policies.
-
Google Announces the Public Preview of Network Connectivity Center
Recently Google announced the preview of Network Connectivity Center, a new service for network connectivity management in Google Cloud. With the network service on the Google Cloud Platform (GCP), enterprises can create, connect, and manage heterogeneous on-prem and cloud networks from a single place.
-
Open Policy Agent Graduates at CNCF
The CNCF announced the graduation of the Open Policy Agent (OPA) project. OPA is an open source policy management and enforcement engine that has declarative policies and integrates with various systems including Kubernetes.
-
Pulumi Releases Version 2.0 with New Policy as Code Tool
Pulumi announced the release of version 2.0 of their open source infrastructure as code platform. This release includes a new policy as code system called CrossGuard. Also included are improvements for moving pre-existing systems into Pulumi.