May 7 · 9 min read · Authentication is a solved problem. Authorization is where things get complicated. Once you know who is making a request, how do you decide what they're allowed to do? At small scale, authorization is simple. An admin role gets full access, a viewer ...
Join discussionMay 6 · 6 min read · Most DevOps tutorials show you how to use infrastructure tools. This one shows you how to build one from scratch. SwiftDeploy is a CLI tool I built that manages an entire Docker stack from a single ma
Join discussion
Apr 26 · 14 min read · Open Policy Agent is one of the best pieces of infrastructure software ever built. It solved a real problem — how do you enforce authorization and admission control across distributed systems — and it solved it well enough that it became the default ...
Join discussion
Dec 5, 2025 · 12 min read · Trong bối cảnh Cloud-native, Kubernetes, Microservice, và Zero Trust, việc kiểm soát chính sách bảo mật không chỉ nằm ở firewall hay IAM nữa. Chúng ta cần một công cụ linh hoạt, có khả năng nhúng vào mọi tầng của hệ thống — từ Kubernetes Admission Co...
Join discussionSep 14, 2025 · 5 min read · In this article, I will walk you through the process of installing Open Policy Agent (OPA) and demonstrate how to use it effectively. We will begin with the installation steps, then explore the basics of OPA policies and their structure. I will cover...
Join discussion
Sep 9, 2025 · 6 min read · You’ve heard it in a sprint review: “Let’s be helpful but safe.”Sounds nice. Not shippable. What we need is behavior we can diff. A contract we can test. Guardrails we can version and roll back like any other artifact. That’s Policy-as-Code for AI. L...
Join discussion
Jun 5, 2025 · 4 min read · Policy-as-Code CI/CD Governance "Why is no one talking about policy enforcement in CI/CD pipelines like it's a core part of DevOps?"This was the question that started it all for me. I am C.Aman — a cloud and DevOps engineer who recently went deep in...
Join discussionApr 25, 2025 · 12 min read · Overview In today’s modern microservice based applications, policy-based control has become essential for enforcing access rules, managing compliance, and ensuring secure behavior across services. One powerful tool that helps developers build these r...
WWilson commented
Jan 23, 2025 · 5 min read · Kyverno, Kubewarden, and OPA Gatekeeper: In today’s cloud-native world, Kubernetes has become the de facto standard for container orchestration. However, as organizations scale their Kubernetes clusters, ensuring compliance, security, and governance ...
Join discussion
Oct 19, 2024 · 16 min read · fImage Security : Trivy The image has several layer and sometimes in one of these layers there CVE(Common Vulnarability and Exposers), in simple words a kind of backdoor is there so chances of hacking is greater. So we want to make sure that the im...
Join discussion
