Policy-as-code is the idea of expressing rules using a high-level programming language and treating them as you normally treat code, which includes version control as well as continuous integration and deployment. This approach extends the infrastructure-as-code approach to also cover the rules governing this infrastructure, and the platform that manages it.
Spacelift as a development platform is built around this concept and allows defining policies that involve various decision points in the application. User-defined policies can decide:
- who gets to log in to your Spacelift account and with what level of access;
- who gets to access individual Stacks and with what level of access;
- how Git push events are interpreted;
- which Runs and Tasks can be started;
- which changes can be applied;
- which one-off commands can be executed;
- what happens when blocking runs terminate;
You can refer to this section to learn more about commonalities and differences between these policies, or to the dedicated article about each policy to dive deep into its details.
Top comments (0)