Dec 5, 2025 · 12 min read · Trong bối cảnh Cloud-native, Kubernetes, Microservice, và Zero Trust, việc kiểm soát chính sách bảo mật không chỉ nằm ở firewall hay IAM nữa. Chúng ta cần một công cụ linh hoạt, có khả năng nhúng vào mọi tầng của hệ thống — từ Kubernetes Admission Co...
Join discussionSep 14, 2025 · 5 min read · In this article, I will walk you through the process of installing Open Policy Agent (OPA) and demonstrate how to use it effectively. We will begin with the installation steps, then explore the basics of OPA policies and their structure. I will cover...
Join discussion
Sep 9, 2025 · 6 min read · You’ve heard it in a sprint review: “Let’s be helpful but safe.”Sounds nice. Not shippable. What we need is behavior we can diff. A contract we can test. Guardrails we can version and roll back like any other artifact. That’s Policy-as-Code for AI. L...
Join discussion
Jun 5, 2025 · 4 min read · Policy-as-Code CI/CD Governance "Why is no one talking about policy enforcement in CI/CD pipelines like it's a core part of DevOps?"This was the question that started it all for me. I am C.Aman — a cloud and DevOps engineer who recently went deep in...
Join discussionApr 25, 2025 · 12 min read · Overview In today’s modern microservice based applications, policy-based control has become essential for enforcing access rules, managing compliance, and ensuring secure behavior across services. One powerful tool that helps developers build these r...
WWilson commented
Jan 23, 2025 · 5 min read · Kyverno, Kubewarden, and OPA Gatekeeper: In today’s cloud-native world, Kubernetes has become the de facto standard for container orchestration. However, as organizations scale their Kubernetes clusters, ensuring compliance, security, and governance ...
Join discussion
Oct 19, 2024 · 16 min read · fImage Security : Trivy The image has several layer and sometimes in one of these layers there CVE(Common Vulnarability and Exposers), in simple words a kind of backdoor is there so chances of hacking is greater. So we want to make sure that the im...
Join discussion
Jun 21, 2024 · 6 min read · By Iheanyi Onwubiko Enhancing Helm chart security and policy compliance with OPA Managing Kubernetes applications correctly is as crucial as their development. Helm charts are a pivotal tool for deploying and managing these applications efficiently. ...
Join discussion
Oct 5, 2023 · 8 min read · In the realm of Terraform, creating infrastructure was a breeze, but challenges loomed. How could teams ensure rule adherence? Were the right tags and naming conventions followed? Many organizations grappled with these questions. Terraform, though ef...
Join discussion
Sep 6, 2023 · 5 min read · Authorization is a crucial concern for most applications. As app logic grows, permission checks often get scattered across handlers, middlewares, and external services. This leads to duplicated logic and inconsistencies. Open Policy Agent (OPA) provi...
Join discussion