home.social

#policyascode — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #policyascode, aggregated by home.social.

  1. When AIs invent religions, the safeguard is not censorship. The safeguard is that the user holds the signing key and the user holds the revocation.

    Anchored in the Mickai Policy Brain and the Revocation Brain.

    Sovereign Futures, Vol VII.

    mickai.co.uk/articles/the-god-

    #SovereignAI #AIEthics #PolicyAsCode

  2. When AIs invent religions, the safeguard is not censorship. The safeguard is that the user holds the signing key and the user holds the revocation.

    Anchored in the Mickai Policy Brain and the Revocation Brain.

    Sovereign Futures, Vol VII.

    mickai.co.uk/articles/the-god-

    #SovereignAI #AIEthics #PolicyAsCode

  3. When AIs invent religions, the safeguard is not censorship. The safeguard is that the user holds the signing key and the user holds the revocation.

    Anchored in the Mickai Policy Brain and the Revocation Brain.

    Sovereign Futures, Vol VII.

    mickai.co.uk/articles/the-god-

    #SovereignAI #AIEthics #PolicyAsCode

  4. When AIs invent religions, the safeguard is not censorship. The safeguard is that the user holds the signing key and the user holds the revocation.

    Anchored in the Mickai Policy Brain and the Revocation Brain.

    Sovereign Futures, Vol VII.

    mickai.co.uk/articles/the-god-

    #SovereignAI #AIEthics #PolicyAsCode

  5. While #DockerExtensions boost developer speed, they can create a “visibility gap” by isolating telemetry. Extensions should act as bridges to centralized platforms!

    In this #InfoQ article, Pragya Keshap explains how to use:
    🔹 #OpenTelemetry
    🔹 #PolicyAsCode
    🔹 #Encryption
    ...to build secure pipelines and balance developer productivity with the governance needed for scalable, compliant observability!

    📰 Read now: bit.ly/4mUn96h

    #DevOps #Docker #Observability #Performance #Monitoring

  6. #Cedar - an #opensource authorisation policy language and SDK - has officially joined the Cloud Native Computing Foundation (#CNCF) as a Sandbox project!

    It aims to provide a vendor-neutral standard for defining and enforcing fine-grained permissions in modern applications.

    Details here 👉 bit.ly/3LMktJP

    #DevOps #PolicyAsCode #SoftwareSecurity #Governance #InfoQ

  7. 🚀 NEW on We ❤️ Open Source 🚀

    Electric sheep need defenders. 🐑🔐 Brett Smith explores how SLSA helps secure the software supply chain, translating EO 14028 into a roadmap for resilient pipelines.

    Read the article: allthingsopen.org/articles/sup

    #WeLoveOpenSource #SLSA #FOSS #Cybersecurity #DevSecOps #PolicyAsCode

  8. Tonight I’m playing with #rq, a tool originally intended as a #jq replacement using #Rego as its query language, but which eventually grew to be useful for format transformations, and now a full-blown #scripting environment. All powered by #OPA. Madness, obviously, but just the right kind of madness.

    sr.ht/~charles/rq/

    #DevOps #DevSecOps #PolicyAsCode #OpenPolicyAgent #IAM #Code #CloudNative

  9. 🚨 Security doesn't start in prod — it starts at terraform plan.

    With Policy as Code tools like #OPA, #Checkov, Snyk, and #Sentinel by HashiCorp, you can catch misconfigs before they deploy. 🛡️

    🎥 youtube.com/shorts/C-2OJMFVz8c

    #Terraform #HashiCorp #DevSecOps #PolicyAsCode

  10. The #KubeCon recordings are now on YouTube! We'll be posting links to all the #OpenPolicyAgent related ones as we watch them. First out is the #OPA maintainer track session, where @charlieegan3 and @anderseknert give a short introduction to OPA and Rego, followed by a deep-dive into recent performance improvements, and a sneak peek at the project roadmap. Check it out!

    youtube.com/watch?v=XtA-NKoJDaI

    #CloudNative #CNCF #DevOps #DevSecOps #PolicyAsCode

  11. Today I was in the mood and packaged #regal and #opa for @opensuse

    Packages still need more testing, but the first steps are done. Found a glitch in the OPA ldflags handling and reported it upstream.

    Should arrive in #Tumbleweed soon-ish.

    #packagerslife #policyascode #OpenPolicyAgent #opensuse

  12. What better way to spend the weekend than with a new version of #Regal? Everyone's favorite #Rego linter now have 2 more new rules, and some other nice improvements added. Check it out!

    github.com/StyraInc/regal/rele

    #OPA #OpenPolicyAgent #DevOps #DevSecOps #PolicyAsCode

  13. Regal v0.14.0 just released! 🎉 The latest edition of the #OPA community's favorite #Rego linter features two new rules, a new output format, and many improvements and fixes. Release notes and downloads here: github.com/StyraInc/regal/rele

    #OpenPolicyAgent #DevOps #DevSecOps #PolicyAsCode #Linter #CodeQuality #IAM

  14. Regal v0.12.0 just released! The latest edition of the #OPA community's favorite #Rego linter adds 4 new linter rules, a long-awaited capabilities feature, and many other improvements and fixes. Check out the full changelog, and get your copy!

    github.com/StyraInc/regal

    #Regal #OpenPolicyAgent #PolicyAsCode #CloudNative #DevOps #DevSecOps #Authorization #Linter

  15. [Перевод] Использование Verified Permissions для реализации точной авторизации в высоконагруженных приложениях

    Техники оптимизации функции авторизации в современных веб-приложениях. В статье рассматриваются эффективные подходы к управлению точной авторизацией с использованием Amazon Verified Permissions ( читай Cedar Engine ). Вы узнаете о техниках пакетной авторизации и кэширования ответов, которые помогут значительно повысить производительность и отзывчивость приложений. Читать

    habr.com/ru/companies/bercut/a

    #авторизация #bercut #беркут #authz #authorization #Policyascode #вебприложения #web_application

  16. My #KubeCon talk from Amsterdam a few weeks ago is now up on YouTube! The #EUCS — a compliance certification scheme for service providers in the cloud — is on its way, and will have a big impact on how organizations work with #security, #compliance and #automation. A holistic framework like the EUCS provides #policy controls applicable to the whole stack. How would we codify and enforce such rules?

    #OPA #PolicyAsCode #Rego #OSCAL @enisa_eu

    youtube.com/watch?v=XoWf4QcSbD

  17. Finally got a copy of Jimmy Ray’s “Policy as Code”. And it’s really good! Proud about both myself and my #Regal project getting mentioned too.

    #PolicyAsCode #DevOps #DevSecOps #CloudNative #OPA #Styra #OReilly

  18. Summarizing yet another great year for #OpenPolicyAgent in this blog just published! Amazing how much this community accomplished in just a year. Looking forward to many more!

    #OPA #Rego #PolicyAsCode #Styra

    blog.openpolicyagent.org/open-

  19. Nicholaos Mouzourakis at Gusto has been a long-time contributor to #OPA, and has written some of the best blogs on #Rego we've read. Turns out he is just as great talking about it on video! Just published on YouTube, "Super-Scaling Open Policy Agent with Batch Queries" is a deep-dive into an advanced OPA topic, explained well enough to be interesting to most. Hosted by the ever excellent Bart Farrell. Recommended!

    youtube.com/watch?v=b6aTh2Qn4tA

    #CloudNative #CNCF #DevOps #DevSevOps #PolicyAsCode

  20. A new #Regal release is out! Featuring 4 new linter rules, and a bunch of performance improvements along with the usual fixes. I'm particularly happy about the new "narrow-argument" rule, as I don't know many tools do that type of analysis for any language. It's an optional rule though, so make sure to enable it if you want to try it out!

    github.com/StyraInc/regal/rele

    #OPA #Rego #CloudNative #CodeQuality #PolicyAsCode

  21. Regal v0.32.0 just dropped! After having worked mostly on language server features recently, it was time for the linter to get some love. This release includes 3 new linter rules as well as much faster linting. Check it out!

    github.com/StyraInc/regal/rele

    #OPA #Rego #Regal #PolicyAsCode #CloudNative #DevOps #DevSecOps

  22. It's hot outside, but you know what's even hotter? The #CloudNative meetup taking place at the Google office in #Stockholm this evening. I'll be talking about how to translate "real" policy, like the upcoming #EUCS framework into #PolicyAsCode using #OpenPolicyAgent and #Rego. Also, my buddy Abdel to present on ambient service mesh and #Istio. Good times!

    community.cncf.io/events/detai

    #CloudNativeNordics #CNCF #DevOps #DevSecOps #Code

  23. CEL-expr-python – the Common Expression Language (CEL) in #Python is now #opensource!

    CEL is a non-Turing complete embedded policy and expression language built for simplicity, speed, safety, and portability.

    Learn more on #InfoQbit.ly/3NQL4pU

    #SoftwareDevelopment #Google #PolicyAsCode

  24. 🚀 The wait is over—Kubewarden 1.23 is here! Packed with security enhancements, smoother workflows, and key updates to elevate your Kubernetes experience. Dive into what's new: kubewarden.io/blog/2025/03/kub 🌟 #Kubernetes #DevSecOps #Security #PolicyAsCode

  25. Not sure if it'll make it into the next #Regal release, but currently working on Code Lens support for the Regal language server which would allow evaluating any rule directly in the editor, and have the result displayed on the same line. I think it'll go a *really* long way in making #Rego development easier for everyone. Many things to iron out first though... but here's a preview only for fedi :)

    #OPA #DevOps #DevSecOps #CloudNative #PolicyAsCode #LSP

  26. I’ve been doing a lot of “renovations” on old #Rego projects lately, bringing them up to modern standards and best practices. While there are some excellent tools around to help with that, there’s not been much in terms of documentation on that process. So I figured it might be helpful if I shared mine. Check out my latest blog to learn more!

    styra.com/blog/renovating-rego

    #OPA #CloudNative #DevOps #DevSecOps #PolicyAsCode

  27. I just published #Regal v0.16.0. This release brings two new linter rules, but most importantly it adds a language server (LSP) mode to Regal, allowing editor integrations to lint your workspace continuously as you work on your #Rego policies. Client implementations soon to follow. Exciting times!

    Thanks @charlieegan3 for an awesome contribution!

    github.com/StyraInc/regal/rele

    #OPA #Linter #DevOps #DevSecOps #IAM #PolicyAsCode

  28. Today I was in the mood and packaged #regal and #opa for @opensuse

    Packages still need more testing, but the first steps are done. Found a glitch in the OPA ldflags handling and reported it upstream.

    Should arrive in #Tumbleweed soon-ish.

    #packagerslife #policyascode #OpenPolicyAgent #opensuse

  29. Today I was in the mood and packaged #regal and #opa for @opensuse

    Packages still need more testing, but the first steps are done. Found a glitch in the OPA ldflags handling and reported it upstream.

    Should arrive in #Tumbleweed soon-ish.

    #packagerslife #policyascode #OpenPolicyAgent #opensuse

  30. Today I was in the mood and packaged #regal and #opa for @opensuse

    Packages still need more testing, but the first steps are done. Found a glitch in the OPA ldflags handling and reported it upstream.

    Should arrive in #Tumbleweed soon-ish.

    #packagerslife #policyascode #OpenPolicyAgent #opensuse

  31. Today I was in the mood and packaged #regal and #opa for @opensuse

    Packages still need more testing, but the first steps are done. Found a glitch in the OPA ldflags handling and reported it upstream.

    Should arrive in #Tumbleweed soon-ish.

    #packagerslife #policyascode #OpenPolicyAgent #opensuse

  32. Nicholaos Mouzourakis at Gusto has been a long-time contributor to #OPA, and has written some of the best blogs on #Rego we've read. Turns out he is just as great talking about it on video! Just published on YouTube, "Super-Scaling Open Policy Agent with Batch Queries" is a deep-dive into an advanced OPA topic, explained well enough to be interesting to most. Hosted by the ever excellent Bart Farrell. Recommended!

    youtube.com/watch?v=b6aTh2Qn4tA

    #CloudNative #CNCF #DevOps #DevSevOps #PolicyAsCode

  33. Nicholaos Mouzourakis at Gusto has been a long-time contributor to #OPA, and has written some of the best blogs on #Rego we've read. Turns out he is just as great talking about it on video! Just published on YouTube, "Super-Scaling Open Policy Agent with Batch Queries" is a deep-dive into an advanced OPA topic, explained well enough to be interesting to most. Hosted by the ever excellent Bart Farrell. Recommended!

    youtube.com/watch?v=b6aTh2Qn4tA

    #CloudNative #CNCF #DevOps #DevSevOps #PolicyAsCode

  34. Nicholaos Mouzourakis at Gusto has been a long-time contributor to #OPA, and has written some of the best blogs on #Rego we've read. Turns out he is just as great talking about it on video! Just published on YouTube, "Super-Scaling Open Policy Agent with Batch Queries" is a deep-dive into an advanced OPA topic, explained well enough to be interesting to most. Hosted by the ever excellent Bart Farrell. Recommended!

    youtube.com/watch?v=b6aTh2Qn4tA

    #CloudNative #CNCF #DevOps #DevSevOps #PolicyAsCode

  35. Nicholaos Mouzourakis at Gusto has been a long-time contributor to #OPA, and has written some of the best blogs on #Rego we've read. Turns out he is just as great talking about it on video! Just published on YouTube, "Super-Scaling Open Policy Agent with Batch Queries" is a deep-dive into an advanced OPA topic, explained well enough to be interesting to most. Hosted by the ever excellent Bart Farrell. Recommended!

    youtube.com/watch?v=b6aTh2Qn4tA

    #CloudNative #CNCF #DevOps #DevSevOps #PolicyAsCode

  36. [Перевод] Использование Verified Permissions для реализации точной авторизации в высоконагруженных приложениях

    Техники оптимизации функции авторизации в современных веб-приложениях. В статье рассматриваются эффективные подходы к управлению точной авторизацией с использованием Amazon Verified Permissions ( читай Cedar Engine ). Вы узнаете о техниках пакетной авторизации и кэширования ответов, которые помогут значительно повысить производительность и отзывчивость приложений. Читать

    habr.com/ru/companies/bercut/a

    #авторизация #bercut #беркут #authz #authorization #Policyascode #вебприложения #web_application

  37. [Перевод] Использование Verified Permissions для реализации точной авторизации в высоконагруженных приложениях

    Техники оптимизации функции авторизации в современных веб-приложениях. В статье рассматриваются эффективные подходы к управлению точной авторизацией с использованием Amazon Verified Permissions ( читай Cedar Engine ). Вы узнаете о техниках пакетной авторизации и кэширования ответов, которые помогут значительно повысить производительность и отзывчивость приложений. Читать

    habr.com/ru/companies/bercut/a

    #авторизация #bercut #беркут #authz #authorization #Policyascode #вебприложения #web_application

  38. Tonight I’m playing with #rq, a tool originally intended as a #jq replacement using #Rego as its query language, but which eventually grew to be useful for format transformations, and now a full-blown #scripting environment. All powered by #OPA. Madness, obviously, but just the right kind of madness.

    sr.ht/~charles/rq/

    #DevOps #DevSecOps #PolicyAsCode #OpenPolicyAgent #IAM #Code #CloudNative

  39. Tonight I’m playing with , a tool originally intended as a replacement using as its query language, but which eventually grew to be useful for format transformations, and now a full-blown environment. All powered by . Madness, obviously, but just the right kind of madness.

    sr.ht/~charles/rq/

  40. Tonight I’m playing with #rq, a tool originally intended as a #jq replacement using #Rego as its query language, but which eventually grew to be useful for format transformations, and now a full-blown #scripting environment. All powered by #OPA. Madness, obviously, but just the right kind of madness.

    sr.ht/~charles/rq/

    #DevOps #DevSecOps #PolicyAsCode #OpenPolicyAgent #IAM #Code #CloudNative

  41. Tonight I’m playing with #rq, a tool originally intended as a #jq replacement using #Rego as its query language, but which eventually grew to be useful for format transformations, and now a full-blown #scripting environment. All powered by #OPA. Madness, obviously, but just the right kind of madness.

    sr.ht/~charles/rq/

    #DevOps #DevSecOps #PolicyAsCode #OpenPolicyAgent #IAM #Code #CloudNative