Armory Introduces Spinnaker Policy Engine to Enable Developer Guardrails Across the SDLC

Nov 12, 2019 by Armory

Note: This news was announced here as a press release on 11/12/2019.

Armory’s newly released Open Policy Agent (OPA)-based Policy Engine for SDLC gives enterprises fine-grained control of the software delivery process by providing the hooks necessary to perform extensive verification of pipelines, processes, and policies in Spinnaker.

The new Policy Engine for SDLC unleashes the full power of Spinnaker with automation to harness the promise of multicloud delivery environments. Armory scales and automates policies across the entire SDLC, putting you in control no matter how complex your delivery infrastructure or regulatory environment.

With the Armory Policy Engine for SDLC, you can set guardrails and controls per-application, per-pipeline or per-project to manage and enforce security, regulatory, compliance or business policies using granular role-based entitlement. Unlike other proprietary policy engines, Armory’s OPA-based Policy Engine for SDLC deeply integrates with many enterprise systems of record. It provides a trusted, single pane of glass for management and control as part of a rigorous, intelligent platform that lets you “set-and-forget.”

Register for a live webinar December 5th at 10am PT / 1pm ET, featuring demos of Policy Engine for SDLC.

Unleashing the Power and Automation of Spinnaker, With Guardrails

You want to move fast and innovate but can’t sacrifice compliance with regulations, internal policies, and security best practices. Companies with complex security policies or in highly regulated industries with multiple compliance standards — FedRAMP, SOC 2, NIST, or ISO, for example — find this problem especially painful. Armory’s Policy Engine for SDLC enables automatic adherence to these requirements.

Your company likely struggles with the bottleneck many organizations face as they adopt automation in delivery and service ownership: hesitation to hand over full control to DevOps until compliance guarantees are in place. Policy requirements and context are fragmented across systems of record, and security teams must review changes for compliance. The Armory Policy Engine for SDLC is context-aware across the SDLC and connects to systems of record within the enterprise. It automatically infers context to confidently craft policies, from code commit to the point at which a service or feature ends up in customer’s hands. Now, your teams can deploy a single policy engine across the SDLC instead of enforcing siloed policies or creating home-grown policy engines. The result? Break down silos and bottlenecks to accelerate delivery while maintaining the guardrails required by your internal or industry policies.

The process of identifying compliance gaps and updating policies across your SDLC as regulations change requires manual work that slows software delivery. Armory’s Policy Engine for SDLC centralizes the creation, application, and continuous updating of policies for a trusted set-and-forget policy model. You can instantly identify compliance gaps and set policies to bring your organization into compliance. You can also create custom policies. For example, set ISO 27000 compliance policies with Policy Engine for SDLC, and it will continuously update policy definitions while monitoring for compliance — removing the burden of manual updates.

Armory Makes Your SDLC Standardized, Streamlined, Compliant and Cost-Effective

Armory Spinnaker is cloud-neutral, cloud-agnostic and vendor-lock-in-free, allowing you to streamline and standardize your SDLC. With Policy Engine for SDLC, you can manage policies across your entire SDLC with context and fine-grained controls. These include regulatory, compliance, operational, security, and business policies, including a focus on enterprise ROI.

Armory’s single pane of glass view across Spinnaker and the SDLC gives the policy engine insight and context for automated decisions on optimizing ROI for cloud delivery decisions, so you can avoid costly mistakes, security failures and compliance violations.

Business, Cost, and Continuity Policies

Drive automated ROI optimization and maximize delivery performance.

Guardrail and RBAC Policies

Leverage automation to strike a balance between DevOps empowerment and guardrails.

Operational Policies

Implement automated policies at every stage based on your DevOps and delivery requirements.

Armory Policy Engine for SDLC: Screenshot

Security Policies

Achieve service ownership while adhering to required security policies.

Regulatory and Compliance Policies

Automate compliance with existing and emerging regulations across your SDLC.

Armory Policy Engine for SDLC: Product and Implementation Details

The Armory Policy Engine for SDLC is based on the trusted OPA framework. The selection of OPA is aligned with our philosophy of providing a cloud-agnostic, neutral framework that does not create vendor lock-in. OPA provides a high-level declarative language that lets you specify policy-as-code, and simple APIs to offload policy decision-making. Implementation of the policy agent uses OPA-style policy documents to perform validation of pipelines during creation and updates via the familiar ‘input’ variable. See a demo here.

You can apply policies on a per-application, per-pipeline, per-pipeline-stage, or per-project basis, and policies can be applied to stages as they are dynamically generated. Future versions of the Policy Engine for SDLC will ship with predefined policies.

See demos of Armory’s Policy Engine for SDLC here and here. Additional product information and documentation for can be found here.

Interested in learning more about Armory Policy Engine for SDLC or Armory Spinnaker? Reach out to us here or on Spinnaker Slack — we’d love to chat!

Share this post:

Recently Published Posts

How to Become a Site Reliability Engineer (SRE)

Jun 6, 2023

A site reliability engineer (SRE) bridges the gap between IT operations and software development. They understand coding and the overall task of keeping the system operating.  The SRE role originated to give software developers input into how teams deploy and maintain software and to improve it to increase reliability and performance. Before SREs, the software […]

Read more

Continuous Deployment KPIs

May 31, 2023

Key SDLC Performance Metrics for Engineering Leaders Engineering leaders must have an effective system in place to measure their team’s performance and ensure that they are meeting their goals. One way to do this is by monitoring Continuous Deployment Key Performance Indicators (KPIs).  CD and Automated Tests If you’re not aware, Continuous Deployment, or CD, […]

Read more

What Are the Pros and Cons of Rolling Deployments?

May 26, 2023

Rolling deployments use a software release strategy that delivers new versions of an application in phases to minimize downtime. Anyone who has lived through a failed update knows how painful it can be. If a comprehensive update fails, there are hours of downtime while it is rolled back. Even if the deployment happens after hours, […]

Read more