#policyascode — Public Fediverse posts

#Cedar - an #opensource authorisation policy language and SDK - has officially joined the Cloud Native Computing Foundation (#CNCF) as a Sandbox project!

It aims to provide a vendor-neutral standard for defining and enforcing fine-grained permissions in modern applications.

Details here 👉 https://bit.ly/3LMktJP

#DevOps #PolicyAsCode #SoftwareSecurity #Governance #InfoQ

🚀 NEW on We ❤️ Open Source 🚀

Electric sheep need defenders. 🐑🔐 Brett Smith explores how SLSA helps secure the software supply chain, translating EO 14028 into a roadmap for resilient pipelines.

Read the article: https://allthingsopen.org/articles/supply-chain-robots-slsa-security

#WeLoveOpenSource #SLSA #FOSS #Cybersecurity #DevSecOps #PolicyAsCode

🚨 Security doesn't start in prod — it starts at terraform plan.

With Policy as Code tools like #OPA, #Checkov, Snyk, and #Sentinel by HashiCorp, you can catch misconfigs before they deploy. 🛡️

🎥 https://youtube.com/shorts/C-2OJMFVz8c

#Terraform #HashiCorp #DevSecOps #PolicyAsCode

Nicholaos Mouzourakis at Gusto has been a long-time contributor to #OPA, and has written some of the best blogs on #Rego we've read. Turns out he is just as great talking about it on video! Just published on YouTube, "Super-Scaling Open Policy Agent with Batch Queries" is a deep-dive into an advanced OPA topic, explained well enough to be interesting to most. Hosted by the ever excellent Bart Farrell. Recommended!

https://www.youtube.com/watch?v=b6aTh2Qn4tA

#CloudNative #CNCF #DevOps #DevSevOps #PolicyAsCode

A new #Regal release is out! Featuring 4 new linter rules, and a bunch of performance improvements along with the usual fixes. I'm particularly happy about the new "narrow-argument" rule, as I don't know many tools do that type of analysis for any language. It's an optional rule though, so make sure to enable it if you want to try it out!

https://github.com/StyraInc/regal/releases/tag/v0.33.1

#OPA #Rego #CloudNative #CodeQuality #PolicyAsCode

The #KubeCon recordings are now on YouTube! We'll be posting links to all the #OpenPolicyAgent related ones as we watch them. First out is the #OPA maintainer track session, where @charlieegan3 and @anderseknert give a short introduction to OPA and Rego, followed by a deep-dive into recent performance improvements, and a sneak peek at the project roadmap. Check it out!

https://www.youtube.com/watch?v=XtA-NKoJDaI

#CloudNative #CNCF #DevOps #DevSecOps #PolicyAsCode

Today I was in the mood and packaged #regal and #opa for @opensuse

Packages still need more testing, but the first steps are done. Found a glitch in the OPA ldflags handling and reported it upstream.

Should arrive in #Tumbleweed soon-ish.

#packagerslife #policyascode #OpenPolicyAgent #opensuse

Regal v0.32.0 just dropped! After having worked mostly on language server features recently, it was time for the linter to get some love. This release includes 3 new linter rules as well as much faster linting. Check it out!

https://github.com/StyraInc/regal/releases/tag/v0.32.0

#OPA #Rego #Regal #PolicyAsCode #CloudNative #DevOps #DevSecOps

Finally got a copy of Jimmy Ray’s “Policy as Code”. And it’s really good! Proud about both myself and my #Regal project getting mentioned too.

#PolicyAsCode #DevOps #DevSecOps #CloudNative #OPA #Styra #OReilly

[Перевод] Использование Verified Permissions для реализации точной авторизации в высоконагруженных приложениях

Техники оптимизации функции авторизации в современных веб-приложениях. В статье рассматриваются эффективные подходы к управлению точной авторизацией с использованием Amazon Verified Permissions ( читай Cedar Engine ). Вы узнаете о техниках пакетной авторизации и кэширования ответов, которые помогут значительно повысить производительность и отзывчивость приложений. Читать

https://habr.com/ru/companies/bercut/articles/829576/

#авторизация #bercut #беркут #authz #authorization #Policyascode #вебприложения #web_application

#Styra's Policy as Code Report: Identity and Access Management Drives Adoption

https://www.infoq.com/news/2023/12/styra-policy-as-code-report/

#IAM #policyAsCode

What better way to spend the weekend than with a new version of #Regal? Everyone's favorite #Rego linter now have 2 more new rules, and some other nice improvements added. Check it out!

https://github.com/StyraInc/regal/releases/tag/v0.15.0

#OPA #OpenPolicyAgent #DevOps #DevSecOps #PolicyAsCode

Regal v0.14.0 just released! 🎉 The latest edition of the #OPA community's favorite #Rego linter features two new rules, a new output format, and many improvements and fixes. Release notes and downloads here: https://github.com/StyraInc/regal/releases/tag/v0.14.0

#OpenPolicyAgent #DevOps #DevSecOps #PolicyAsCode #Linter #CodeQuality #IAM

Regal v0.12.0 just released! The latest edition of the #OPA community's favorite #Rego linter adds 4 new linter rules, a long-awaited capabilities feature, and many other improvements and fixes. Check out the full changelog, and get your copy!

https://github.com/StyraInc/regal

#Regal #OpenPolicyAgent #PolicyAsCode #CloudNative #DevOps #DevSecOps #Authorization #Linter

Tonight I’m playing with #rq, a tool originally intended as a #jq replacement using #Rego as its query language, but which eventually grew to be useful for format transformations, and now a full-blown #scripting environment. All powered by #OPA. Madness, obviously, but just the right kind of madness.

https://sr.ht/~charles/rq/

#DevOps #DevSecOps #PolicyAsCode #OpenPolicyAgent #IAM #Code #CloudNative

🔥⏲️ Fudge Sunday "Generative AI Thru This" A look at Generative AI for platform engineering

#generative #genai #generativeai #generativeartificialintelligence #statisticalmodeling #gitops #policyascode #iac #pac #cicd #cicdpipelines #sbom #k8s #immutable #immutability #devx #developerexperience #idp #developerportal #developerproductivity #platformengineering #platformengineer #newsletters #newsletter

https://fudge.org/archive/generative-ai-thru-this/

It's hot outside, but you know what's even hotter? The #CloudNative meetup taking place at the Google office in #Stockholm this evening. I'll be talking about how to translate "real" policy, like the upcoming #EUCS framework into #PolicyAsCode using #OpenPolicyAgent and #Rego. Also, my buddy Abdel to present on ambient service mesh and #Istio. Good times!

https://community.cncf.io/events/details/cncf-stockholm-presents-stockholm-cloud-native-community-group-june-2023-meetup/

#CloudNativeNordics #CNCF #DevOps #DevSecOps #Code

My #KubeCon talk from Amsterdam a few weeks ago is now up on YouTube! The #EUCS — a compliance certification scheme for service providers in the cloud — is on its way, and will have a big impact on how organizations work with #security, #compliance and #automation. A holistic framework like the EUCS provides #policy controls applicable to the whole stack. How would we codify and enforce such rules?

#OPA #PolicyAsCode #Rego #OSCAL @enisa_eu

https://www.youtube.com/watch?v=XoWf4QcSbDw

Lots of #OPA, #authorization and #PolicyAsCode this #KubeCon! Check out the new #Styra blog for a summary, but there's even more in the pipeline :)

https://www.styra.com/blog/join-us-at-kubecon-cloudnativecon-eu/

Summarizing yet another great year for #OpenPolicyAgent in this blog just published! Amazing how much this community accomplished in just a year. Looking forward to many more!

#OPA #Rego #PolicyAsCode #Styra

https://blog.openpolicyagent.org/open-policy-agent-2022-year-in-review-79324ad54535

New rule added to the #Rego style guide, pertaining to the use of a redundant rule body for unconditional assignment. Prefer assignment in the rule head directly ☝️💡

https://github.com/StyraInc/rego-style-guide/pull/19/files?short_path=b335630#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5

#OPA #OpenPolicyAgent #PolicyAsCode #Styra