The greatest challenge for vendors in the #Authorization, or #PolicyAsCode space, isn't to convince companies or their devs that their product is better than whatever their own engineers can build from scratch. The biggest challenge is to convince people that authorization, just like #identity, is an *organizational* concern, and not one that should be solved in each team individually. While getting buy-in from a single team is easy, getting a whole org to align on *anything* is... challenging.

I got to talk about myself, and some about #OPA, #authorization and #PolicyAsCode too, at the local #OWASP meetup in #Oslo 🇳🇴 this evening. Good times, and a really engaged audience. So many great questions after. Thanks @webtonull for inviting me!

New blog just dropped! On using a #linter as a tool for learning a new #programming language, and how I tried to apply some of those ideas while building #Regal, the new linter for #Rego.

https://www.styra.com/blog/guarding-the-guardrails-introducing-regal-the-rego-linter/

#OpenPolicyAgent #OPA #CloudNative #CNCF #PolicyAsCode

It's hot outside, but you know what's even hotter? The #CloudNative meetup taking place at the Google office in #Stockholm this evening. I'll be talking about how to translate "real" policy, like the upcoming #EUCS framework into #PolicyAsCode using #OpenPolicyAgent and #Rego. Also, my buddy Abdel to present on ambient service mesh and #Istio. Good times!

https://community.cncf.io/events/details/cncf-stockholm-presents-stockholm-cloud-native-community-group-june-2023-meetup/

#CloudNativeNordics #CNCF #DevOps #DevSecOps #Code

My #Rego linter #Regal featured in both the #DevOps weekly newsletter and the #CloudSecList 😃 Not too often I’m proud of something, but now is one of those occasions.

https://github.com/StyraInc/regal/

#PolicyAsCode #OPA #DevSecOps #Development #Code #OpenSource

My #KubeCon talk from Amsterdam a few weeks ago is now up on YouTube! The #EUCS — a compliance certification scheme for service providers in the cloud — is on its way, and will have a big impact on how organizations work with #security, #compliance and #automation. A holistic framework like the EUCS provides #policy controls applicable to the whole stack. How would we codify and enforce such rules?

#OPA #PolicyAsCode #Rego #OSCAL @enisa_eu

https://www.youtube.com/watch?v=XoWf4QcSbDw

If you want to talk #OPA, #Rego and #PolicyAsCode — or just say hi 👋 — I’ll be in the OPA kiosk at #KubeCon today between 13:00 - 16:00. See you there! 😃

Lots of #OPA, #authorization and #PolicyAsCode this #KubeCon! Check out the new #Styra blog for a summary, but there's even more in the pipeline :)

https://www.styra.com/blog/join-us-at-kubecon-cloudnativecon-eu/

If you're in Amsterdam 🇳🇱 Tuesday next week I'll be talking #OPA, #PolicyAsCode and #authorization in distributed environments at the #DevOps Institute's SKILup meetup. Join in, it'll be fun!

https://www.meetup.com/devops-institute-skilup-amsterdam/events/290766158/

Good introductory article on using #Conftest to enforce #PolicyAsCode decisions against Ansible Playbooks.

#OPA #OpenPolicyAgent #Rego

https://www.redhat.com/sysadmin/conftest-policy-as-code-ansible

Summarizing yet another great year for #OpenPolicyAgent in this blog just published! Amazing how much this community accomplished in just a year. Looking forward to many more!

#OPA #Rego #PolicyAsCode #Styra

https://blog.openpolicyagent.org/open-policy-agent-2022-year-in-review-79324ad54535

One of my favorite #OPA / #Rego projects — SansShell!

"Its goal is to replace the need to use an interactive shell for emergency debugging and recovery with a much safer interface. Each authorized action can be evaluated against an OPA policy, audited in advance or after the fact, and is ideally deterministic."

#OpenPolicyAgent #PolicyAsCode

https://github.com/Snowflake-Labs/sansshell

@oncallmemaybe @anamedina My take:

SRE = early days SRE, à la OG Google
Modern SRE = the evolution of SRE practices, which should include #Observability, incident management with blameless post-mortems, #psychologicalsafety, #policyAsCode

Do y’all agree/disagree?

What else would y’all add to the list?

New rule added to the #Rego style guide, pertaining to the use of a redundant rule body for unconditional assignment. Prefer assignment in the rule head directly ☝️💡

https://github.com/StyraInc/rego-style-guide/pull/19/files?short_path=b335630#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5

#OPA #OpenPolicyAgent #PolicyAsCode #Styra