Implementing policy and governance as code on infrastructure code
In this section, we will learn what policy as code is and how it helps an organization govern and enforce best practices so that resources are spun up in a secure and compliant way. We will also learn where to place policy checks in the CI/CD pipeline.
Policy as code
A policy is a set of rules or a plan related to particular situations. It is a way to enforce certain rules and constraints that restrict unauthorized access to resources such as services and environments. There are three different types of policies:
- Compliance policies: These policies make sure the system or resources are compliant with standards such as PCI-DSS, GDPR, or HIPAA.
- Security policies: These are organizational policies for the security of infrastructure resources.
- Operational excellence policies: These are policies that make sure all the services or resources contain objects that make operation easy. For instance, tagging...
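As an added example (not from the original text), the three policy types can be written as rules and evaluated against a planned infrastructure change before it is applied. The plan JSON is constructed in the shape of `terraform show -json` output, and the tag set, the individual rules and the use of Python as the policy language are assumptions.

```python
import json

# Constructed sample: a cut-down plan in the shape of `terraform show -json` output.
PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket", "change": {"actions": ["create"],
    "after": {"acl": "private", "tags": {"owner": "platform", "cost-center": "1234"}}}},
  {"address": "aws_s3_bucket.assets", "type": "aws_s3_bucket", "change": {"actions": ["create"],
    "after": {"acl": "public-read", "tags": {"owner": "web"}}}},
  {"address": "aws_db_instance.cards", "type": "aws_db_instance", "change": {"actions": ["create"],
    "after": {"storage_encrypted": false, "tags": null}}}
]}
""")

REQUIRED_TAGS = {"owner", "cost-center"}  # assumed organizational tag set

def no_public_bucket(resource):  # security policy (assumed rule)
    if resource["type"] == "aws_s3_bucket" and str(resource["after"].get("acl", "")).startswith("public"):
        return "bucket ACL grants public access"

def encrypted_at_rest(resource):  # compliance policy (assumed control: encryption at rest)
    if resource["type"] == "aws_db_instance" and resource["after"].get("storage_encrypted") is not True:
        return "database storage is not encrypted"

def required_tags(resource):  # operational excellence policy (tagging)
    missing = REQUIRED_TAGS - set(resource["after"].get("tags") or {})
    if missing:
        return "missing tags: " + ", ".join(sorted(missing))

POLICIES = [("security", no_public_bucket), ("compliance", encrypted_at_rest),
            ("operational", required_tags)]

def evaluate(plan):
    """Return (category, resource address, message) for every violated policy."""
    violations = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        if not {"create", "update"} & set(change.get("actions", [])):
            continue  # deletes and no-ops leave nothing to check
        resource = {"type": rc["type"], "after": change.get("after") or {}}
        for category, rule in POLICIES:
            message = rule(resource)
            if message:
                violations.append((category, rc["address"], message))
    return violations

if __name__ == "__main__":
    found = evaluate(PLAN)
    for violation in found:
        print("[%s] %s: %s" % violation)
    raise SystemExit(1 if found else 0)  # non-zero exit fails the pipeline step
```

Run as a pipeline step between plan and apply, the non-zero exit status blocks the change until the violations are fixed.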