Policy as Code - CI/CD Glossary Definition
Policy as code expresses governance rules as executable definitions that your pipeline checks on every change.
Policy as code is the practice of writing organizational rules (security, compliance, cost) as version-controlled, machine-evaluated definitions that a CI/CD pipeline enforces automatically instead of relying on manual review.
By encoding policy in files that live beside your source, teams get consistent, testable, and auditable enforcement across every pull request and deployment.
In CI/CD
A policy-as-code check runs as a pipeline step: it evaluates manifests, IaC plans, or config against rules and fails the build when a rule is violated, giving developers feedback before merge.