Styra’s policy bundle management features strengthen software supply chain security

Styra introduced a comprehensive set of policy bundle management capabilities to Styra Declarative Authorization Service (DAS).

These new bundle management features are essential for meeting software supply chain security requirements and benefit customers seeking to optimize ever growing IT resource consumption and costs.

Even with OPA as a proven and stable foundation for organizations to build and consistently enforce policy governing cloud-native apps and infrastructure, organizations managing authorization still face significant challenges. Policy bundles, which include policy code and authorization data, need to be stored, accessed and deployed across the software development pipeline. Without the right policy lifecycle management system, it is extremely difficult and time-consuming to ensure the proper provenance and security of that policy data, as it is promoted from one software pipeline environment to the next.

To ensure software supply chain security and compliance, Styra DAS now can generate separate policy and data bundles so that each software pipeline environment (e.g. test, staging, and production) has its own policy-impacting data while ensuring that the policy code doesn’t change as it moves from one pipeline stage to the next. In addition, Styra DAS can access and use bundles from external registries, allowing users to work with policy bundles containing sensitive data without requiring those bundles to be stored in the Styra Bundle Registry.

“Building policy bundles from scratch is often a time consuming and costly venture for any organization, but they’re more critical than ever before in ensuring security and compliance,” says Chris Hendrix, Director of Product Management at Styra. “With Styra DAS policy bundle management, we’re helping organizations optimize their time and spend, ensuring that application developers and platform engineers can focus on what they do best – building innovative applications that drive business results.”

Styra DAS policy bundle management comprises the following features:

• Styra Bundle Promotion: Easily promote policy bundles from one software pipeline environment to the next. This helps teams to satisfy software supply chain security requirements by avoiding alteration of authorization policy as the bundle is promoted from one pipeline stage to the next.
• Styra Delta Bundles: Optimize IT resource consumption and infrastructure costs by preserving network bandwidth and compute resources when updating OPAs. This ensures that only changes are sent to the OPA, and that teams update only the latest policy and authorization data instead of the entire bundle. This prevents updated bundles from consuming more network bandwidth, CPU and memory resources, which risks authorization system performance degradation and potentially drives up costs.
• Styra Bundle Registry: Quickly and natively integrate an API and storage layer that tells OPA which bundle to download and where to download it from. The Styra DAS Native Bundle Registry removes the requirement for users to build and implement their own bundle registries from scratch, and allows Platform teams to focus on building and running applications.