Governance in software delivery is the ability to create and enforce policy within the process of building and delivering software. Our modern approach to software delivery governance empowers teams with stable processes that increase delivery velocity.
As companies compete in the digital economy, velocity is critical. Security vulnerabilities and policy violations cost organizations downtime, revenue loss, and other serious consequences. Harness provides a modern approach to governance that will not slow your time to market. such as policy as code and remote secrets management.
One of the premier governance services of our platform is Policy as Code, powered by the popular open source project Open Policy Agent. The Harness Policy as Code is a unified approach across the entire software delivery life cycle, in addition to infrastructure it is dependent on. The policies are decoupled from each service, providing maximum performance and availability.
Harness implements governance across the entire platform, as well as in each module individually.
Powered by Open Policy Agent (OPA), Policy as Code provides developer velocity without sacrificing compliance and standards. Policy as Code is a centralized policy management and rules service that empowers enterprises to centrally define and monitor policies that are enforced across all delivery pipelines and processes. We integrate with CI, CD, and Feature Flags enforcing automated approvals, denials, and other advanced pipeline functionality. Check out our technical documentation to learn more.
Harness includes a built-in Secrets Management feature that enables you to store encrypted secrets, such as access keys, and use them in your Harness applications. We offer extensive support for third-party secrets management, including CyberArk, AWS KMS, Azure Key Vault, Google KMS, Hashicorp Vault, and more.
Harness authorization verifies what specific applications, files, and data an authenticated user has access to. Harness authentication supports 2FA, password strength, domain restrictions, and SSO. Our Single Sign-On supports OAuth 2.0, LDAP, and SAML, and it includes third-party integration through APIs, including Azure AD and more.
Easy compliance audits with UI integration and YAML diff comparison per event.
Gain control over pipeline creation, modification, and execution. Granular Role-Based Access Control over configuration, production and non-production workflows. Set permissions easily with config as code YAML files and more.
Corey Wagehoft | Lead Systems Engineer | Relativity