PlainID supports effective Policy lifecycle management by enabling integration with customer-owned DevOps processes and tooling. While core lifecycle operations—such as creation, version control, review, and deployment—are managed externally, PlainID provides the necessary structure, guidelines, and integration points to support a streamlined, auditable workflow.
Policy Creation and Drafting
Policy authoring typically begins outside of the PlainID platform. Requirements are gathered and translated into Policy logic, which can be defined using structured formats such as REGO. This supports Policy-as-Code practices, enabling better maintainability and traceability over time.
Version Control and Backup
Version control is handled entirely through customer-owned systems like GitHub or GitLab. Policy definitions and related configurations are stored in these repositories to ensure proper versioning, history tracking, and backup. To assist with this integration, PlainID offers sample code and recommended structures for managing Policies as code assets.
Review and Approval
Reviews and approvals are conducted through the customer's existing processes—whether through GitHub pull requests, dedicated workflow tools, or internal governance systems. This external handling allows teams to maintain separation of duties and enforce organization-specific approval models.
Deployment and Promotion
Policy deployment and promotion across environments (e.g., from development to production) are executed via external CI/CD pipelines. Using Policy-as-Code and Configuration-as-Code practices, organizations can manage changes systematically and ensure consistency between environments.
PlainID’s current approach to Policy lifecycle management is fully compatible with DevOps methodologies. Customers can benefit from the flexibility to align Policy management with their existing infrastructure and governance processes.