Implement Standards from a Single Console
Disparate systems, multiple dashboards, and a variety of configuration management tools already lead to complexity and confusion. Now, with providers offering policy-as-code solutions that only support their platform, it’s possible you’ll find yourself in a situation where one critical setting is configured one way, and the equivalent setting on another platform is configured in a completely different way. This is discouraging.
Many practitioners look towards open-source solutions and avoid this type of lock-in. In certain situations, open-source software may not offer the required level of support high-risk mission-critical components need. Consolidating and building cohesive visibility across your entire fleet can also be a challenge depending on the maturity of the tools you are using.
Magalix avoids these problematic scenarios by providing a single management interface to control, enforce and visualize the state of compliance for all of your clusters.
Policy Management in Action
The best way to describe how our Policy Management Console implements standards is to present a real-world example. Say you wanted to allow container images from an approved list of container registries. Using an already existing Magalix Template, all you would need to do is add a list of approved registries to a cluster.
Example policy where approved_registry is the name of the approved registry.
Once the Policy is ready to be applied, you can press the "Trigger Policy" button to start the Policy violation scan.
Each Policy is based on a Template and can be enabled or disabled. You can also specify which clusters a Policy applies to, and which Kubernetes Kinds to target. Taking the example above, If you wanted to have one set of approved registries for a Dev cluster, and a different set for a Prod cluster, you could achieve that by creating two Policies from the same Template and then adding each policy to the right cluster.
Stay in Control
At any given time you may want to see how your cluster sits with all the enabled Policies. Our Violations page provides detailed views of each policy and exactly which entity is in violation.
Drill down to see exactly which entities are in violation, and pinpoint what is causing the violation. See historical information about the policy and entity so you can understand the state of compliance over time.
With Magalix, achieving DevSecOps isn’t as difficult as you may have been led to believe. Interested in learning more about how to start resolving violations in minutes?
Understanding compliance across disparate providers can get complicated. Remaining platform agnostic is something we continue to remind ourselves of when deciding on the next critical component but when each provider fills a need with minimal integration with their other services, the choice might initially seem like a no-brainer. It’s a shame not everything plays nicely together.
Policy-as-code services are integral to keeping your production environments compliant and secure. If you are using multiple cloud providers, you may have already encountered a lock-in situation. Look for solutions that remain agnostic. If you aren’t in the cloud or aren’t yet using multiple offerings, rolling out your own solution has a lot of pros, but as you think about the future, your solution should remain compatible across platforms, across vendors, and across your infrastructure as code.
Have a favorite tool? Drop us a line and let us know which tools you’re working with to see if we support it. We are continuously expanding our product’s capability so we just might have a solution for your unique set of requirements.