ОЛЕКСАНДР СНІГОВИЙ «Extension of DevOps: Policy as Code» Lviv DevOps Conference 2019

Download as PPTX, PDF

0 likes50 views

The document discusses the concept of Policy as Code within the DevOps framework, highlighting its importance in managing infrastructure by preventing accidental resource deletion and enforcing compliance measures. Tools like Sentinel, Open Policy Agent (OPA), and Chef InSpec are mentioned as key technologies to implement this approach. The author emphasizes the future of managing policies through automation and the benefits it brings to development quality.

Software

Extension of DevOps: Policy as Code
Alexander Snegovoy, DevOps, Kherson

• DevOps Engineer in DataArt
• AWS & GCP Certified
• Drive Kherson Cloud/DevOps Community
Who am I?

• Automation Journey
• How do we get to policy as code?
• Examples
• Future?
Agenda

• Prevent accidental deletion of resources
• Prohibit changes to some resources
• Enforce tagging
• Express these statements in readable, testable and deployable manner
What is Policy as Code?

• Sentinel
• Open Policy Agent
• Chef InSpec
Some examples

Open Policy Agent
 Open Policy Agent (OPA) is a general-
purpose policy engine with uses ranging from
authorization and admission control to data
filtering. OPA provides greater flexibility and
expressiveness than hard-coded service logic
or ad-hoc domain-specific languages. And it
comes with powerful tooling to help you get
started.

• Compliance team as part of project’s team
• Higher quality
• Poly as Code as a Service
What’s next?

More Related Content

What's hot (20)

PPTX

Apache NiFi: A Drag and Drop ApproachCalculated Systems

PPTX

App Services - Connecting the dots of Web Mobile and Integration_publishedWagner Silveira

PDF

TransparentCDN OverviewServoTIC

PDF

AtlasCamp 2014: Stash State of the UnionAtlassian

PPTX

Aws certified: the journey with tips n tricksAntoni Tzavelas

PPTX

MongoDB World 2018: Replatforming: Switching to MongoDB for Flexibility, Scal...MongoDB

PDF

Should we manage events like APIs? | Alan Chatt and Kim Clark, IBMHostedbyConfluent

PDF

Real-Time Vote Platform BenchmarkLahav Savir

PPTX

Elk meetupAsaf Yigal

PPTX

Using AWS Lambda for Infrastructure Automation and BeyondNick Tursky

PPTX

MongoDB World 2018: Using Puppet, Ansible and Ops Manager to Create Your Own ...MongoDB

PPTX

AWS Summit New York Recap 2016CloudHesive

PPTX

Rate-Limiting 30 Million requests by Vijay Lakshminarayanan and Girish Koundi...Redis Labs

PDF

Serverless meets GraphQLAssaf Gannon

PDF

The Polyglot Data Scientist - Exploring R, Python, and SQL ServerSarah Dutkiewicz

PPTX

What is new in pass summit 2014Harry Zheng

PPTX

Logic Apps Exception Management - Azure LunchtimeWagner Silveira

PDF

How to contribute to Serverless Apache OpenWhisk OpenSource101 NCSUCarlos Santana

PDF

The Netflix API for a global serviceKatharina Probst

PDF

From Concept to Clustered JAC (jira.atlassian.com) - Graham CarrickAtlassian

Apache NiFi: A Drag and Drop ApproachCalculated Systems

App Services - Connecting the dots of Web Mobile and Integration_publishedWagner Silveira

TransparentCDN OverviewServoTIC

AtlasCamp 2014: Stash State of the UnionAtlassian

Aws certified: the journey with tips n tricksAntoni Tzavelas

MongoDB World 2018: Replatforming: Switching to MongoDB for Flexibility, Scal...MongoDB

Should we manage events like APIs? | Alan Chatt and Kim Clark, IBMHostedbyConfluent

Real-Time Vote Platform BenchmarkLahav Savir

Elk meetupAsaf Yigal

Using AWS Lambda for Infrastructure Automation and BeyondNick Tursky

MongoDB World 2018: Using Puppet, Ansible and Ops Manager to Create Your Own ...MongoDB

AWS Summit New York Recap 2016CloudHesive

Rate-Limiting 30 Million requests by Vijay Lakshminarayanan and Girish Koundi...Redis Labs

Serverless meets GraphQLAssaf Gannon

The Polyglot Data Scientist - Exploring R, Python, and SQL ServerSarah Dutkiewicz

What is new in pass summit 2014Harry Zheng

Logic Apps Exception Management - Azure LunchtimeWagner Silveira

How to contribute to Serverless Apache OpenWhisk OpenSource101 NCSUCarlos Santana

The Netflix API for a global serviceKatharina Probst

From Concept to Clustered JAC (jira.atlassian.com) - Graham CarrickAtlassian

Similar to ОЛЕКСАНДР СНІГОВИЙ «Extension of DevOps: Policy as Code» Lviv DevOps Conference 2019 (20)

PDF

Dog Days of Devops 2022: Policy as CodeGabriel Schuyler

PDF

fwd:cloudsec 2022: Shifting right with policy-as-codeGabriel Schuyler

PDF

Ronen Levinson: Unified policy enforcement with opa - Architecture Next 20CodeValue

PPTX

OPA APIs and Use Case SurveyTorin Sandall

PDF

Defining & Enforcing Policies the GitOps WayWeaveworks

PDF

Open Policy AgentTorin Sandall

PDF

Dynamic Policy Enforcement for Microservice EnvironmentsNebulaworks

PDF

Dynamic Authorization & Policy Control for Docker EnvironmentsTorin Sandall

PDF

OPA open policy agentKnoldus Inc.

PDF

CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdfLibbySchulze

PDF

Introduction to OPAKnoldus Inc.

PDF

DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)Michael Man

PDF

Addressing Cloud Security with OPADiemShin

PPTX

Securing APIs with Open Policy AgentNordic APIs

PPTX

Securing APIs with Open Policy AgentAnders Eknert

PPTX

Cloud native policy enforcement with Open Policy AgentLibbySchulze

PDF

A Policy-as-Code Approach to RBAC Authorization - by Graziano Casto, MIa-Pla...Nordic APIs

PDF

Cloud Native User Group: Shift-Left Testing IaC With PaCsmalltown

PDF

GitLab Commit: Enhance your Compliance with Policy-Based CI/CDNico Meisenzahl

PDF

Kubernetes Security with Calico and Open Policy AgentCloudOps2005

Dog Days of Devops 2022: Policy as CodeGabriel Schuyler

fwd:cloudsec 2022: Shifting right with policy-as-codeGabriel Schuyler

Ronen Levinson: Unified policy enforcement with opa - Architecture Next 20CodeValue

OPA APIs and Use Case SurveyTorin Sandall

Defining & Enforcing Policies the GitOps WayWeaveworks

Open Policy AgentTorin Sandall

Dynamic Policy Enforcement for Microservice EnvironmentsNebulaworks

Dynamic Authorization & Policy Control for Docker EnvironmentsTorin Sandall

OPA open policy agentKnoldus Inc.

CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdfLibbySchulze

Introduction to OPAKnoldus Inc.

DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)Michael Man

Addressing Cloud Security with OPADiemShin

Securing APIs with Open Policy AgentNordic APIs

Securing APIs with Open Policy AgentAnders Eknert

Cloud native policy enforcement with Open Policy AgentLibbySchulze

A Policy-as-Code Approach to RBAC Authorization - by Graziano Casto, MIa-Pla...Nordic APIs

Cloud Native User Group: Shift-Left Testing IaC With PaCsmalltown

GitLab Commit: Enhance your Compliance with Policy-Based CI/CDNico Meisenzahl

Kubernetes Security with Calico and Open Policy AgentCloudOps2005

More from UA DevOps Conference (10)

PDF

ІЛЛЯ ЛУБЕНЕЦЬ «DevSecOps наступний етап розвитку DevOps» GO DevOpsUA DevOps Conference

PPTX

ОЛЕКСАНДР СНІГОВИЙ «Continuous Deployment: Challenges, Solutions, and Lesson...UA DevOps Conference

PDF

АРТЕМ КОБРІН «Achieve Networking at Scale with a Self-Service Network Solutio...UA DevOps Conference

PDF

ОЛЕКСАНДР СИРОТЕНКО «DataKernel: майструючи український фреймворк для highloa...UA DevOps Conference

PDF

ЯРОСЛАВ РАВЛІНКО «Data Science at scale. Next generation data processing plat...UA DevOps Conference

PPTX

ОЛЕКСАНДР ВІЛЬЧИНСЬКИЙ «DevOps culture» Lviv DevOps Conference 2019UA DevOps Conference

PDF

КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...UA DevOps Conference

PPTX

ДЕНИС КЛЕПIКОВ «Long Term storage for Prometheus» Lviv DevOps Conference 2019UA DevOps Conference

PPTX

СТАНІСЛАВ КОЛЕНКІН «Cilium – Network security for microservices. Let’s see ho...UA DevOps Conference

PDF

ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019UA DevOps Conference