Overview

  • We at OpsMx have developed the Compliance Management feature which simplifies and strengthens compliance with regulations across CI/CD.
  • Also, improves visibility into control effectiveness, and helps to ensure timely issue remediation. It also aligns internal policies, standards, laws, and regulations, thereby eliminating inefficiencies and redundancies.

Why Compliance Service?

Compliance service helps achieve the below:

  • Enforcing pipeline stage structure based on enterprise rules to reject changes that are non-compliant
  • Version the pipeline configurations modified in all applications

How Compliance Service works ?

Rules are specified in flat file or another persistent store. The rules specify the event type and expected rule. We will define a set of possible constructs/primitives that will be used to define rules. Custom rules and extensions can be done with custom implementations by defining a rule class and possible parameters to which the controller can route the evaluation. The response structure and the input are predefined based on initial rule implementations.

What are the prerequisites for Compliance Service?
Apart from a Spinnaker instance, Compliance Service depends on the Event Data that would be received from Spinnaker Echo service using configurations made on the Spinnaker servers.

How to enable OpsMx Compliance Service?
Download OpsMx compliance as part of the Autopilot package

Does Compliance service works with Open Source Spinnaker?

Yes. It does.

What kind of things I can do with Compliance Service?

Can make all of the deployments, compliant friendly according to the organizational requirements.

Benefits

It provides the ability to define the policies, being able to automate feedback mechanism from various groups and automated verification of the feedback to control the flow of delivery pipeline.

Use-Case

A part of the event’s incoming data holds the information about the current pipeline. Based on compliance rules defined in a flat file, the data is filtered and verified if it adheres to those rules. According to the compliance status and related actions that are defined to be performed, the system filters and acts upon the pipeline configuration data. Further this filtered data is versioned and saved in a suitable system.

If you need assistance, we’re available at hello@opsmx.com.