Armory Introduces Spinnaker Policy Engine to Enable Developer Guardrails Across the SDLC

Nov 12, 2019 by Armory

Note: This news was announced here as a press release on 11/12/2019.

Armory’s newly released Open Policy Agent (OPA)-based Policy Engine for SDLC gives enterprises fine-grained control of the software delivery process by providing the hooks necessary to perform extensive verification of pipelines, processes, and policies in Spinnaker.

The new Policy Engine for SDLC unleashes the full power of Spinnaker with automation to harness the promise of multicloud delivery environments. Armory scales and automates policies across the entire SDLC, putting you in control no matter how complex your delivery infrastructure or regulatory environment.

With the Armory Policy Engine for SDLC, you can set guardrails and controls per-application, per-pipeline or per-project to manage and enforce security, regulatory, compliance or business policies using granular role-based entitlement. Unlike other proprietary policy engines, Armory’s OPA-based Policy Engine for SDLC deeply integrates with many enterprise systems of record. It provides a trusted, single pane of glass for management and control as part of a rigorous, intelligent platform that lets you “set-and-forget.”

Unleashing the Power and Automation of Spinnaker, With Guardrails

You want to move fast and innovate but can’t sacrifice compliance with regulations, internal policies, and security best practices. Companies with complex security policies or in highly regulated industries with multiple compliance standards — FedRAMP, SOC 2, NIST, or ISO, for example — find this problem especially painful. Armory’s Policy Engine for SDLC enables automatic adherence to these requirements.

Your company likely struggles with the bottleneck many organizations face as they adopt automation in delivery and service ownership: hesitation to hand over full control to DevOps until compliance guarantees are in place. Policy requirements and context are fragmented across systems of record, and security teams must review changes for compliance. The Armory Policy Engine for SDLC is context-aware across the SDLC and connects to systems of record within the enterprise. It automatically infers context to confidently craft policies, from code commit to the point at which a service or feature ends up in customer’s hands. Now, your teams can deploy a single policy engine across the SDLC instead of enforcing siloed policies or creating home-grown policy engines. The result? Break down silos and bottlenecks to accelerate delivery while maintaining the guardrails required by your internal or industry policies.

The process of identifying compliance gaps and updating policies across your SDLC as regulations change requires manual work that slows software delivery. Armory’s Policy Engine for SDLC centralizes the creation, application, and continuous updating of policies for a trusted set-and-forget policy model. You can instantly identify compliance gaps and set policies to bring your organization into compliance. You can also create custom policies. For example, set ISO 27000 compliance policies with Policy Engine for SDLC, and it will continuously update policy definitions while monitoring for compliance — removing the burden of manual updates.

Armory Makes Your SDLC Standardized, Streamlined, Compliant and Cost-Effective

Armory Spinnaker is cloud-neutral, cloud-agnostic and vendor-lock-in-free, allowing you to streamline and standardize your SDLC. With Policy Engine for SDLC, you can manage policies across your entire SDLC with context and fine-grained controls. These include regulatory, compliance, operational, security, and business policies, including a focus on enterprise ROI.

Armory’s single pane of glass view across Spinnaker and the SDLC gives the policy engine insight and context for automated decisions on optimizing ROI for cloud delivery decisions, so you can avoid costly mistakes, security failures and compliance violations.

Business, Cost, and Continuity Policies

Drive automated ROI optimization and maximize delivery performance.

Guardrail and RBAC Policies

Leverage automation to strike a balance between DevOps empowerment and guardrails.

Operational Policies

Implement automated policies at every stage based on your DevOps and delivery requirements.

Armory Policy Engine for SDLC: Screenshot

Security Policies

Achieve service ownership while adhering to required security policies.

Regulatory and Compliance Policies

Automate compliance with existing and emerging regulations across your SDLC.

Armory Policy Engine for SDLC: Product and Implementation Details

The Armory Policy Engine for SDLC is based on the trusted OPA framework. The selection of OPA is aligned with our philosophy of providing a cloud-agnostic, neutral framework that does not create vendor lock-in. OPA provides a high-level declarative language that lets you specify policy-as-code, and simple APIs to offload policy decision-making. Implementation of the policy agent uses OPA-style policy documents to perform validation of pipelines during creation and updates via the familiar ‘input’ variable. See a demo here.

You can apply policies on a per-application, per-pipeline, per-pipeline-stage, or per-project basis, and policies can be applied to stages as they are dynamically generated. Future versions of the Policy Engine for SDLC will ship with predefined policies.

See demos of Armory’s Policy Engine for SDLC here and here. Additional product information and documentation for can be found here.

Interested in learning more about Armory Policy Engine for SDLC or Armory Spinnaker? Reach out to us here or on Spinnaker Slack — we’d love to chat!

Share this post:

Recently Published Posts

Lambda Deployment is now supported by Armory CD-as-a-Service

Nov 28, 2023

Armory simplifies serverless deployment: Armory Continuous Deployment-as-a-Service extends its robust deployment capabilities to AWS Lambda.

Read more

New Feature: Trigger Nodes and Source Context

Sep 29, 2023

The Power of Graphs for Ingesting and Acting on Complex Orchestration Logic We’ve been having deep conversations with customers and peer thought leaders about the challenges presented by executing multi-environment continuous deployment, and have developed an appreciation for the power of using visual tools such as directed acyclic graphs (DAG) to understand and share the […]

Read more

Continuous Deployments meet Continuous Communication

Sep 7, 2023

Automation and the SDLC Automating the software development life cycle has been one of the highest priorities for teams since development became a profession. We know that automation can cut down on burnout and increase efficiency, giving back time to ourselves and our teams to dig in and bust out innovative ideas. If it’s not […]

Read more