Provide a Level of Freedom Achieved Only Through Applied Governance Strategy
If you are suffering from slow, error-prone ticketing workflows, then implementing Policy as Code can help by codifying policies and automating enforcement.
Policy as Code is an awesome subject to approach – the idea of implementing definition, control, and auditing in an automated form using code is exciting. Traditionally, policies were defined in text files and manually enforced.
Policy as Code allows configuration to be tested, peer reviewed, versioned, automated, and re-used. Think of how such an implementation could benefit your organization not only at the functional level, but also at the cultural level. Functionally, many tasks can be controlled prior to execution. In a cloud environment, this is a requirement especially when it comes to controlling costs.
However, on the cultural side, it has far-reaching effects. Would you rather work in an environment that was tightly organized and well defined or one that was loosely organized and undefined? Some would say this is a question of personal preference. However, I advocate that personal preference cannot hold a candle to long-term stability.
Benefits of Policy as Code
Putting Drawers on the Cloud
Many vendors have made Policy as Code their mainstay. Companies such as HashiCorp, Fugue, and Chef focus on products that provide customers with tools to implement policy automation at scale in the cloud. A top focal point for this technology is compliance. Many organizations have regulations and guidelines they must follow to operate compliant environments.
Policy as Code vendors address this need by offering products that provide compliance checks against well-known risk management frameworks such as NIST 800-53, PCI, and HIPPA. Additionally, there is a definite benefit from Policy as Code within the context of DevSecOps. A security focus is applied to create defined process workflows that meet requirements, but allow DevOps to flow freely. We are back to putting security and governance before the actual tasks and processes that get the job done.
A Smooth Cloud Journey
In many cases, implementing some of the previously noted tools require that the enterprise versions of these products be purchased. However, there are foundational cloud aspects that can prepare you for a tool implementation even if you currently are not a good candidate or your purse is not green enough. The creation of a well thought out governance strategy tailored for the cloud is a major step in the right direction. The creation of a tagging schema accompanied by its enforcement is also in the top five things that need to occur.
Many of these tools use tags for input and having your tagging schema settled will put you miles ahead. Additionally, defining your cloud-specific management processes will also put you in a position to implement a Policy as Code tool into your environment by modeling what is outlined in your strategy. Working in the cloud is functionally the same as the traditional data center, but the specific tasks differ. Just know that when you go in.
Plan, Plan, Plan, and Plan Some More…
As I continue working with different cloud software vendors and service providers, I see how quickly the landscape on the front edge is changing. However, the basics are becoming increasingly prominent. Creating a solid governance foundation for your cloud adoption is imperative.Merging management, governance, and security as the core of your adoption strategy, will put you in great shape to benefit completely from all the newness the cloud has to offer. Be willing to expend the upfront time necessary to take advantage of Policy as Code as your adoption matures.
HashiCorp Policy as Code Framework with Armon Dadgar
