Contents x
    Policy Authoring
    • 27 Feb 2025
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Policy Authoring

    • Updated on 27 Feb 2025
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Management APIs for Policy Authoring

    Management APIs for Policy Authoring help create, update, and promote Policies to Environments.

    PlainID uses Rego for Policy as Code (PaC) and JSON for Config as Code (CaC) to optimize policy management and follow industry best practices. This approach separates business logic from system configuration, improving maintainability, scalability, and usability.

    Policy Authoring with Rego

    Rego is a purpose-built language for policy definition, chosen for its expressiveness and compatibility with Open Policy Agent (OPA). Since Policies encapsulate the logic that dictates access control and decision making, using a purpose-built language like Rego provides several advantages, including:

    • Policy as Code (PaC): Treating policies as code enables version control, peer reviews, and automated deployments. This aligns with modern DevOps practices, ensuring policies are auditable and robust.
    • Standard and Compatibility: Rego is widely adopted and fully compatible with OPA, simplifying integration and fostering ecosystem support.
    • Expressiveness: Rego’s design makes it ideal for defining complex policy logic with precision and efficiency.

    Configuration Management with JSON

    JSON is the format for defining Templates, Applications, Mappers, and other dependencies — elements representing physical configurations rather than business logic. Key features include:

    • Standardization: JSON is a widely recognized format, making it flexible enough to support different policy languages in the future.
    • Simplicity: JSON is easy to read, write, and parse, making it ideal for defining data structures.
    • Separation of Concerns: Keeping configuration separate from policy logic avoids coupling dynamic decision-making with static setups, enhancing clarity and adaptability.

    This architecture leverages the strengths of both Rego and JSON, allowing policies and configurations to be easily deployed in OPA and potentially other engines. By adopting this best-practice approach, organizations gain a scalable, flexible, and future-proof policy management solution.

    Environment Flow Migration

    These APIs are designed to automate Policy Management by supporting API requests between different Environments like development, staging, and production:

    image

    Was this article helpful?
    What's Next