Blog

Company Updates & Technology Articles

Policy-as-Code or Policy-as-Data? Why Choose?

What is the difference between the policy-as-code and policy-as-data approaches? Which is better? Do you really have to choose? Find out more in this post.

Blog post cover

OPA natively consumes OCI images

OPA can now consume policy bundles packaged as OCI images. Used together with the Policy CLI, you can build, tag, push, and pull policies just like docker images.

May 18th, 2022

Blog post cover

Aserto delivers comprehensive access control by bringing together trusted Cloud Native Ecosystems

By bringing together OPA, OCI, and Sigstore, Aserto enables organizations to achieve an end-to-end policy-as-code solution using three trusted open source projects.

May 18th, 2022

Blog post cover

Policy-as-code for Docker and Kubernetes with Conftest / Gatekeeper

In this post, we'll explore how Aserto uses Policy-as-code to centrally define our important engineering best practices and share them amongst a diverse set of teams and microservices.

May 12th, 2022

Blog post cover

Feature Review: Decision Logging

Aserto can collect and manage decision information from all your authorizers, including sidecar and other kinds of locally deployed ones. In this post, we will give an example of how to tap into the data generated by Aserto’s decision logging.


May 5th, 2022

Blog post cover

Creating a Rego policy for a Todo application

Aserto uses the Open Policy Agent (OPA) as the decision engine for evaluating authorization decisions. Rego is the policy language for defining rules that are evaluated by the OPA engine. In this tutorial, we’ll demonstrate building a Rego policy for a simple Todo application.

Apr 28th, 2022

Blog post cover

GitLab Integration is here!

Today we’re happy to announce that Aserto supports GitLab as a source-code provider! You can now use both GitLab and GitHub to store and version your authorization policy code.

Apr 21st, 2022