Book description
In today's cloud native world, where we automate as much as possible, everything is code. With this practical guide, you'll learn how Policy as Code (PaC) provides the means to manage the policies, related data, and responses to events that occur within the systems we maintain—Kubernetes, cloud security, software supply chain security, infrastructure as code, and microservices authorization, among others.
Author Jimmy Ray provides a practical approach to integrating PaC solutions into your systems, with plenty of real-world examples and important hands-on guidance. DevOps and DevSecOps engineers, Kubernetes developers, and cloud engineers will understand how to choose and then implement the most appropriate solutions.
- Understand PaC theory, best practices, and use cases for security
- Learn how to choose and use the correct PaC solution for your needs
- Explore PaC tooling and deployment options for writing and managing PaC policies
- Apply PaC to DevOps, IaC, Kubernetes, and AuthN/AuthZ
- Examine how you can use PaC to implement security controls
- Verify that your PaC solution is providing the desired result
- Create auditable artifacts to satisfy internal and external regulatory requirements
Publisher resources
Table of contents
- Preface
- 1. Policy as Code: A Gentle Introduction
- 2. Open Policy Agent
- 3. Policy as Code and Access Control
- 4. Policy as Code and Kubernetes
- 5. Open Policy Agent and Kubernetes
- 6. MagTape and Kubernetes
- 7. OPA/Gatekeeper and Kubernetes
- 8. Kyverno and Kubernetes
- 9. jsPolicy and Kubernetes
- 10. Cloud Custodian and Kubernetes
- 11. PaC and Infrastructure as Code
- 12. PaC and Terraform IaC
- 13. PaC and Infrastructure as a Service
- 14. PaC and the Software Supply Chain
- 15. Retrospectives and Futures
- Index
- About the Author
Product information
- Title: Policy as Code
- Author(s):
- Release date: July 2024
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781098139186
You might also like
book
Security as Code
DevOps engineers, developers, and security engineers have ever-changing roles to play in today's cloud native world. …
book
Cloud Without Compromise
Many companies claim to have "gone to the cloud," yet returns from their efforts are meager …
audiobook
Intentional Mindset
Some people seem to be born with a mental makeup that predestines them for success. But …
book
Kubernetes Security and Observability
Securing, observing, and troubleshooting containerized workloads on Kubernetes can be daunting. It requires a range of …