Policies Overview

Policies are used to regulate cloud usage within an organization. env0 supports runtime and deployment policies as described below.

Policies are used to:

  • Enforce organizational policies of cloud resources provisioning (who can provision, when can they provision, and what resources can they provision)
  • Implement best practices
  • Mitigate risks by applying guardrails

All while maintaining flexibility and autonomy within env0.

Runtime Policies

Runtime policies are native to the env0 system, and are consistently monitored and enforced, when creating, deploying or configuring environments.

The policies are enforced both in the UI and when using the API.

Runtime policies include

Deployment Policies

Deployment policies are enforced when deploying or redeploying an environment (whenever changes are made to the environment) to ensure compliance with security, governance, or other standards.

Deployment policies are based on the Open Policy Agent (OPA) framework and are invoked at the appropriate deployment stage using the Approval Policies feature.