policy-as-code


Policy as Code

Automate policy enforcement through code using OPA/Rego, Kyverno, Checkov, and CI/CD integration to prevent compliance violations before they reach production.

When to Use

  • Enforcing security and compliance policies on infrastructure-as-code changes
  • Preventing misconfigured Kubernetes workloads from deploying
  • Automating guardrails in CI/CD pipelines for Terraform, CloudFormation, or Helm
  • Implementing organizational standards that must be consistently applied
  • Replacing manual approval gates with automated policy checks

Open Policy Agent (OPA) Rego Policies

# deny_public_s3.rego - Deny S3 buckets with public access
package terraform.aws.s3

import rego.v1
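
A deny policy of the kind the header comment above describes, written as an added example: it is not the skill's own policy, which is cut off on this page. It assumes the input is Terraform plan JSON (`terraform show -json`); the package name, helper name and sample plan are constructed for illustration.

```rego
# Added example: evaluates `terraform show -json` plan output.
package example.terraform.s3 # hypothetical package name

import rego.v1

public_acls := {"public-read", "public-read-write"}

required_flags := {
	"block_public_acls", "block_public_policy",
	"ignore_public_acls", "restrict_public_buckets",
}

# Only resources the plan will create or update are checked.
creates_or_updates(rc) if {
	some action in rc.change.actions
	action in {"create", "update"}
}

# Canned ACLs that grant anonymous read or write.
deny contains msg if {
	some rc in input.resource_changes
	rc.type == "aws_s3_bucket_acl"
	creates_or_updates(rc)
	rc.change.after.acl in public_acls
	msg := sprintf("%s: ACL %s grants public access", [rc.address, rc.change.after.acl])
}

# A public access block with any of the four settings false or unset.
deny contains msg if {
	some rc in input.resource_changes
	rc.type == "aws_s3_bucket_public_access_block"
	creates_or_updates(rc)
	some flag in required_flags
	object.get(rc.change.after, flag, false) != true
	msg := sprintf("%s: %s must be true", [rc.address, flag])
}

# Constructed plan fragment used only by the unit test below.
sample_plan := {"resource_changes": [
	{"address": "aws_s3_bucket_acl.logs", "type": "aws_s3_bucket_acl",
	 "change": {"actions": ["create"], "after": {"acl": "public-read"}}},
	{"address": "aws_s3_bucket_public_access_block.logs", "type": "aws_s3_bucket_public_access_block",
	 "change": {"actions": ["create"], "after": {"block_public_acls": true, "block_public_policy": true,
	 "ignore_public_acls": true, "restrict_public_buckets": false}}},
]}

test_public_acl_and_weak_block_are_denied if {
	count(deny) == 2 with input as sample_plan
}
```

`opa test` runs the embedded test; in a pipeline, a non-empty `deny` set should fail the job. This example does not flag a bucket that has no public access block resource at all, which needs a separate rule correlating buckets with their blocks.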

First Seen: Feb 4, 2026
policy-as-code — bagelhole/devops-security-agent-skills