When we hear the term Policy as Code, it’s for the most part associated with the enforcement aspects of applying policy at scale within organizations. Whether in the context of GitOps or just popular open source projects like Open Policy Agent (OPA), applying global policy is the end goal.
However, OPA as an open source project is quite unique in its capabilities. There is a whole pre-enforcement set of tools that provide incredible insights into our systems that have long been overlooked. A new wave of infrastructure drift has arisen in the cloud world due to the layers of abstraction and automation. When building Firefly, we channeled the power of OPA as a policy discovery engine, not just an enforcement mechanism.