Skip to main content

Provide Guardrails

Provide Guardrails underscores the importance of implementing robust policies and guardrails within the StackGuardian environment. This exercise introduces Tirith, StackGuardian's Open Source Policy Engine, allowing you to set and enforce standards across resources and attributes efficiently. Key takeaways include:

  • Identifying Shortcomings: Analyzing existing cloud deployments for cost, security, compliance, and best practices to pinpoint areas for improvement.
  • Creating and Enforcing Guardrails: Utilizing Tirith to proactively establish guardrails that automate the approval process, handle exceptions, and ensure continuous compliance.
  • Drift Detection: Maintaining ongoing compliance by detecting drifts in deployment and rectifying them promptly.

Utilizing Tirith for Policy Management: Engage with Tirith's policies to manage IaC attributes, understand the structure of these policies, and apply them to actions like resource creation or deletion within the Terraform plan.

Cost Management: Explore policies centered on cost, including the static evaluation of resource costs and the forward-looking dynamic cost calculations.

Applying Policies to Workflow Groups: Learn to activate policies within workflow groups to witness firsthand how policies influence deployments, such as by failing a workflow if it doesn't meet the required tags, thus enforcing compliance.

To fully grasp the implementation of policies and guardrails, and to see them in action, proceed to the StackGuardian Hands-On Workshop: Providing Guardrails.