Policy As Code
Policy as Code is the practice of expressing organizational, security, and compliance rules as machine-readable code — rather than as prose documents — so that policies can be automatically and consistently enforced, tested, and version-controlled across infrastructure and software delivery pipelines.
12 resources across 2 libraries
Glossary Terms(6)
Infrastructure Drift
Infrastructure drift occurs when the actual, live state of cloud or infrastructure resources diverges from the state defined in Infrastructure as Code (IaC) co…
Golden Image
A golden image is a pre-configured, versioned, and tested machine image or container base image — with the OS, security patches, agents, and baseline software…
Policy as Code
Policy as Code is the practice of expressing organizational, security, and compliance rules as machine-readable code — rather than as prose documents — so that…
Open Policy Agent
Open Policy Agent (OPA) is an open-source, general-purpose policy engine that lets organizations define and enforce fine-grained authorization and compliance r…
Image Scanning
Image scanning is the automated process of analyzing a container image's layers, installed packages, and dependencies to detect known security vulnerabilities…
Runtime Security
Runtime security is the practice of monitoring, detecting, and responding to threats and anomalous behavior in applications and infrastructure while they are a…
Interview Questions(6)
What is DevSecOps and How Do You Implement It?
DevSecOps is the practice of integrating security checks and ownership directly into every stage of the DevOps pipeline — from code commit through build, test,…
What is Infrastructure Testing and Why Does It Matter?
Infrastructure testing is the practice of writing automated checks that verify infrastructure-as-code (Terraform, CloudFormation, Pulumi) actually provisions t…
What is Policy as Code and Why Use It in DevOps?
Policy as code is the practice of writing an organization’s compliance, security, and operational rules — like "no S3 bucket may be public" or "every deploymen…
What is Open Policy Agent (OPA) and How Does Rego Work?
Open Policy Agent (OPA) is a general-purpose, open-source policy engine that decouples policy decision-making from application logic — services send it structu…
What is HashiCorp Sentinel and How Does It Enforce Policy?
HashiCorp Sentinel is a policy-as-code framework embedded across the HashiCorp toolchain — Terraform Cloud/Enterprise, Vault, Consul, and Nomad — that evaluate…
What is Compliance as Code?
Compliance as code is the practice of expressing regulatory and internal security controls as machine-readable, version-controlled policy definitions that are…