Policy Design in the Age of Digital Adoption

By : Ricardo Ferreira

Policy Design in the Age of Digital Adoption

By: Ricardo Ferreira

Overview of this book

Policy as Code (PaC) is a powerful paradigm that enables organizations to implement, validate, and measure policies at scale. Policy Design in the Age of Digital Adoption is a comprehensive guide to understanding policies, their design, and implementation for cloud environments using a DevOps-based framework. You'll discover how to create the necessary automation, its integration, and which stakeholders to involve. Complete with essential concepts, practical examples, and self-assessment questions, this book will help you understand policies and how new technologies such as cloud, microservices, and serverless leverage Policy as Code. You'll work with a custom framework to implement PaC in the organization, and advance to integrating policies, guidelines, and regulations into code to enhance the security and resilience posture of the organization. You'll also examine existing tools, evaluate them, and learn a framework to implement PaC so that technical and business teams can collaborate more effectively. By the end of this book, you'll have gained the confidence to design digital policies across your organizational environment.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Share your thoughts

Section 1: Foundation

Free Chapter

Chapter 1: Introduction to Policy Design

The why, what, and how of policies

From design theory to policy implementation

Policy design – key issues, tools, designs over time, and effectiveness

The business value of digital policies

Summary

Chapter 2: Operationalizing Policy for Highly Regulated Industries

Highly regulated industries and their policy needs

Policy through catalog controls

Access controls for enforcing policies

Summary

Chapter 3: Policy as Code a Business Enabler

Policies at speed – Policy as Code

Governance agility – automating policies

Business benefits of PaC

Summary

Section 2: Framework

Chapter 4: Framework for Digital Policies

Framework components

Exploring the framework stages

Summary

Chapter 5: Policy for Cloud-Native Environments

Technical requirements

Cloud-native environments

Native policy constructs for FaaS

Native policy constructs for CaaS

Examples of cloud-native policies

Summary

Further reading

Chapter 6: Policy Design for Hybrid Environments

Technical requirements

The challenges of hybrid environments

Policy as Code in hybrid environments

Automation, segregation, and enforcement

An example of a policy spanning hybrid environments

Summary

Chapter 7: Building a Culture of PolicyOps

Technical requirements

PolicyOps – designing, embedding, and managing policies

Policy DLC – coherence, congruence, and consistency

Agile policy design

Summary

Section 3: Tooling

Chapter 8: Policy Engines

Technical requirements

Policy engines

Pod Security Policies

Kyverno

Sentinel

Open Security Controls Assessment Language

K-Rail

jsPolicy

Summary

Chapter 9: A Primer on Open Policy Agent

Technical requirements

Open Policy Agent

Rego

Open Policy Agent extension and integration

Summary

Chapter 10: Policy as Code Tool Evaluation

Technical requirements

Cloud-native open source ecosystems

Vendor ecosystems

CSP-native capabilities

The evaluation framework

Summary

Chapter 11: Cloud Providers Policy Constructs

Technical requirements

Types of CSP policies

AWS native policy offerings

Azure native policy offerings

Google Cloud native policy offerings

Summary

Chapter 12: Integrating Policy as Code with Enterprise Workflows

Technical requirements

Integration with existing enterprise workflow software

Policy as Code automated life cycle

Designing for automated policy enforcement across the enterprise

Summary

Chapter 13: Real-World Scenarios and Architectures

Technical requirements

A cost policy scenario

An authorization policy scenario

A service migration policy scenario

A compliance enforcement scenario

Summary

Why subscribe?

Other Books You May Enjoy

Packt is searching for authors like you

Share your thoughts

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Chapter 9: A Primer on Open Policy Agent

After the primer on policy engines in the previous chapter, we will now focus on Open Policy Agent (OPA), the most popular policy engine out there.

This chapter will briefly introduce OPA, its architecture, how it can be used, and the main benefits and challenges, while also going a bit deeper into its policy language, Rego, which is used to build coercive instruments for access control.

Since Rego is the key to expressing policies, we will show some snippets and discuss them. OPA contains a playground that we will leverage, and you can also follow along to solidify your understanding of the concepts explained.

We will also talk about how integration with IT environments and platforms nowadays is becoming more complex due to the numerous products and services, and the shift to microservices requiring an overlay that can deal with all the pieces. We will discuss the ecosystem and how we can integrate OPA with microservices, CI/CD, service...

Policy Design in the Age of Digital Adoption

By : Ricardo Ferreira

Policy Design in the Age of Digital Adoption

By: Ricardo Ferreira

Overview of this book

Related Content you might be interested in

Current Title:

Policy Design in the Age of Digital Adoption

Cybersecurity and Privacy Law Handbook.

Cloud Auditing Best Practices

Mastering Cloud Security Posture Management (CSPM)

Chapter 9: A Primer on Open Policy Agent