Chapter 12: Integrating Policy as Code with Enterprise Workflows
When trying to leverage Policy as Code across organizations, we need to integrate automation, tools, and platforms with existing processes to achieve cohesion, generating value bigger than the sum of its parts.
One way that governance and management of IT are done is by using frameworks such as Information Technology Infrastructure Library (ITIL) or Control Objectives for Information and Related Technologies (COBIT). We will introduce these frameworks and how we can leverage software to enforce the framework governance structure. These IT service management tools are widespread in enterprises. We will cover them here and integrate them with our Policy Engines (PEs).
Finally, we will cover Continuous Integration and Continuous Delivery (CI/CD), some of the most popular tools, such as Jenkins, Spinnaker, and GitHub Actions, and we will highlight an example of testing our policies in an automated pipeline using GitHub...