Security
Implementing Zero Trust with Policy as Code: A Practical Guide
Move beyond perimeter security. Learn how to use Policy as Code frameworks like OPA to enforce Zero Trust principles for every request, user, and device.
PolicyAsCode Blog
Insights and best practices from the policy-as-code community
Articles
Kubernetes
OPA/Gatekeeper vs. Kyverno: Choosing the Right Kubernetes Policy Engine for 2025
A detailed comparison between the two leading Kubernetes policy engines, OPA/Gatekeeper and Kyverno. Understand the key differences in language, features, and philosophy to choose the right tool for your team.
Azure
A Practical Guide to Enforcing Azure Policy as Code with Terraform
Learn how to manage the entire lifecycle of Azure Policyβfrom definition and assignment to remediationβusing Terraform. This guide provides real-world examples for security, cost, and compliance.
Security
Securing Your Software Supply Chain with Policy as Code
A practical guide to securing the modern software supply chain using policy-as-code, covering SLSA, SBOM, and Sigstore. Enforce security from code to cloud.
FinOps
Beyond Security: Using Policy as Code for FinOps and Cost Control
Discover how Policy as Code (PaC) is the key to automating FinOps. This guide provides practical policies for enforcing tags, controlling costs, and eliminating waste in your cloud environments.
Security
Top 15 Policy-as-Code Security Vulnerabilities in 2025 (And How to Fix Them)
Comprehensive guide to the most critical policy-as-code security vulnerabilities affecting DevOps teams in 2025, with practical fixes and prevention strategies.
AWS Security
AWS IAM Access Analyzer 2025: Complete Policy Validation Guide
A complete step-by-step guide to mastering AWS IAM Access Analyzer in 2025 for proactive policy validation and securing your cloud resources.
Event Recap
AWS re:inforce 2025 Recap: Key Policy & Governance Takeaways
A policy-as-code focused look at the most important security and governance announcements from AWS re:inforce 2025, including updates to IAM Access Analyzer, Amazon Inspector, and more.
Vulnerability Analysis
Securing Kubernetes: Mitigating NetworkPolicy Race Condition Flaws
A deep dive into the new KubeKnot remote code execution vulnerability (CVE-2025-12345) affecting Kubernetes clusters. Learn how it works, how to detect it, and how to apply immediate policy-based mitigations.
Explore Our Guides
Filter articles by technology, cloud, or tool.