Policy As Code: Improving Cloud-native Security

In today's cloud native world, where we automate as much as possible, everything is code. With this practical guide, you'll learn how policy as code (PaC) provides the means to manage the policies that guide our responses as well as the systems we maintain—Kubernetes, cloud security, software supply-chain security, infrastructure-as-code, and microservices authorization, among others. Author Jimmy Ray, a developer advocate on the Amazon Web Services Kubernetes team, provides a practical approach to integrating PaC solutions into your systems, with plenty of real-world examples and important hands-on guidance. DevOps and DevSecOps engineers, Kubernetes developers, and cloud engineers will understand how to choose and then implement the most appropriate solutions. * Understand PaC theory, best practices, and use cases for security * Learn how to choose and use the correct PaC solution for your needs * Explore PaC tooling and deployment options for writing and managing PaC policies * Apply PaC to DevOps, IaC, Kubernetes, and AuthN/AuthZ * Examine how you can use PaC to implement security controls * Verify that your PaC solution is providing the desired result * Create auditable artifacts to satisfy internal and external regulatory requirements In today's cloud native world, where we automate as much as possible, everything is code. With this practical guide, you'll learn how Policy as Code (PaC) provides the means to manage the policies, related data, and responses to events that occur within the systems we maintain—Kubernetes, cloud security, software supply chain security, infrastructure as code, and microservices authorization, among others.Author Jimmy Ray provides a practical approach to integrating PaC solutions into your systems, with plenty of real-world examples and important hands-on guidance. DevOps and DevSecOps engineers, Kubernetes developers, and cloud engineers will understand how to choose and then implement the most appropriate solutions.Understand PaC theory, best practices, and use cases for securityLearn how to choose and use the correct PaC solution for your needsExplore PaC tooling and deployment options for writing and managing PaC policiesApply PaC to DevOps, IaC, Kubernetes, and AuthN/AuthZExamine how you can use PaC to implement security controlsVerify that your PaC solution is providing the desired resultCreate auditable artifacts to satisfy internal and external regulatory requirements