Nov 12, 2019 by Beth Fuller
Note: This news was announced here as a press release on 11/12/2019.
Armory’s newly released Open Policy Agent (OPA)-based Policy Engine for SDLC gives enterprises fine-grained control of the software delivery process by providing the hooks necessary to perform extensive verification of pipelines, processes, and policies in Spinnaker.
The new Policy Engine for SDLC unleashes the full power of Spinnaker with automation to harness the promise of multicloud delivery environments. Armory scales and automates policies across the entire SDLC, putting you in control no matter how complex your delivery infrastructure or regulatory environment.
With the Armory Policy Engine for SDLC, you can set guardrails and controls per-application, per-pipeline or per-project to manage and enforce security, regulatory, compliance or business policies using granular role-based entitlement. Unlike other proprietary policy engines, Armory’s OPA-based Policy Engine for SDLC deeply integrates with many enterprise systems of record. It provides a trusted, single pane of glass for management and control as part of a rigorous, intelligent platform that lets you “set-and-forget.”
Register for a live webinar December 5th at 10am PT / 1pm ET, featuring demos of Policy Engine for SDLC.
Unleashing the Power and Automation of Spinnaker, With Guardrails
You want to move fast and innovate but can’t sacrifice compliance with regulations, internal policies, and security best practices. Companies with complex security policies or in highly regulated industries with multiple compliance standards — FedRAMP, SOC 2, NIST, or ISO, for example — find this problem especially painful. Armory’s Policy Engine for SDLC enables automatic adherence to these requirements.
Your company likely struggles with the bottleneck many organizations face as they adopt automation in delivery and service ownership: hesitation to hand over full control to DevOps until compliance guarantees are in place. Policy requirements and context are fragmented across systems of record, and security teams must review changes for compliance. The Armory Policy Engine for SDLC is context-aware across the SDLC and connects to systems of record within the enterprise. It automatically infers context to confidently craft policies, from code commit to the point at which a service or feature ends up in customer’s hands. Now, your teams can deploy a single policy engine across the SDLC instead of enforcing siloed policies or creating home-grown policy engines. The result? Break down silos and bottlenecks to accelerate delivery while maintaining the guardrails required by your internal or industry policies.
The process of identifying compliance gaps and updating policies across your SDLC as regulations change requires manual work that slows software delivery. Armory’s Policy Engine for SDLC centralizes the creation, application, and continuous updating of policies for a trusted set-and-forget policy model. You can instantly identify compliance gaps and set policies to bring your organization into compliance. You can also create custom policies. For example, set ISO 27000 compliance policies with Policy Engine for SDLC, and it will continuously update policy definitions while monitoring for compliance — removing the burden of manual updates.
Armory Makes Your SDLC Standardized, Streamlined, Compliant and Cost-Effective
Armory Spinnaker is cloud-neutral, cloud-agnostic and vendor-lock-in-free, allowing you to streamline and standardize your SDLC. With Policy Engine for SDLC, you can manage policies across your entire SDLC with context and fine-grained controls. These include regulatory, compliance, operational, security, and business policies, including a focus on enterprise ROI.
Armory’s single pane of glass view across Spinnaker and the SDLC gives the policy engine insight and context for automated decisions on optimizing ROI for cloud delivery decisions, so you can avoid costly mistakes, security failures and compliance violations.
Business, Cost, and Continuity Policies
Drive automated ROI optimization and maximize delivery performance.
Guardrail and RBAC Policies
Leverage automation to strike a balance between DevOps empowerment and guardrails.
Implement automated policies at every stage based on your DevOps and delivery requirements.
Achieve service ownership while adhering to required security policies.
Regulatory and Compliance Policies
Automate compliance with existing and emerging regulations across your SDLC.
Armory Policy Engine for SDLC: Product and Implementation Details
The Armory Policy Engine for SDLC is based on the trusted OPA framework. The selection of OPA is aligned with our philosophy of providing a cloud-agnostic, neutral framework that does not create vendor lock-in. OPA provides a high-level declarative language that lets you specify policy-as-code, and simple APIs to offload policy decision-making. Implementation of the policy agent uses OPA-style policy documents to perform validation of pipelines during creation and updates via the familiar ‘input’ variable. See a demo here.
You can apply policies on a per-application, per-pipeline, per-pipeline-stage, or per-project basis, and policies can be applied to stages as they are dynamically generated. Future versions of the Policy Engine for SDLC will ship with predefined policies.
Introducing Quick Spin One of the most common challenges that organizations face when implementing a continuous deployment strategy is the time and focus that it takes to set up the tools and processes. But a secure, flexible, resilient and scalable solution is available right now. Want to see if it’s the right tool for your […]
Read more →
Spinnaker is the most powerful continuous delivery tool on the market. DevOps engineers and developers recognize this power and are looking to use Spinnaker as a foundational tool in their Continuous Integration and Continuous Delivery (CI/CD) process for hybrid and multi-cloud deployments. Such a powerful, expansive open source tool needs expertise within your organization to […]
Read more →
Today, Armory is excited to announce the availability of the GitHub Action for Armory Continuous Deployment-as-a-Service. GitHub is where developers shape the future of software. After a developer writes and tests their code in GitHub, it must be deployed. Armory’s GitHub Action for Continuous Deployment-as-a-Service extends the best-in-class deployment capabilities to Kubernetes. CD-as-a-Service enables declarative […]
Read more →