Centralized Policy Management – Noaa Barki – NDC Security 2022
Systems are becoming more and more complex, built on microservices architecture, with large engineering organizations working together inter-dependently. In this new world order in engineering organizations, policy management has become a core piece in making this all operate more seamlessly.
Projects like Open Policy Agent (OPA) have brought policy management to forefront, and have provided one method for applying centralized policy at scale – for improved security and compliance. This talk will review different methods for applying centralized policy at scale, demoing this through OPA as a policy operator, and applying policies to Kubernetes config YAMLs, for a real world example for how you can integrate security through code to your services as well.