> For the complete documentation index, see [llms.txt](https://docs.opsmx.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.opsmx.com/opsmx-1/opsmx-context-engine/additional-resources/previous-releases/isd-3.10/data-and-intelligence-module-autopilot/continuous-compliance-policy/policy-management-overview.md).

# Policy Management - Overview

{% hint style="info" %}
This is an older version of the document. To view the most recent version of the document, click [here](https://docs.opsmx.com/products/data-and-intelligence-module-autopilot/continuous-compliance-policy/overview-1).
{% endhint %}

### Introduction

A Policy is an Execution Condition. Organizations usually have a certain criteria to be checked before or during the execution of CI-CD pipelines. The pipeline execution should only begin (if the criteria is checked before the execution of the pipeline, aka, Static Policy) or proceed (if the criteria is checked during the pipeline runtime, aka, Runtime Policy) if the criteria is met.&#x20;

\
Static policy lets users validate conditions before the start of execution, whereas Runtime policy enables users for automated decision making during execution. <br>

A Policy defines a set of conditions/criteria that needs to be checked. As an example, a policy could be created to define a blackout window period (or a moratorium period) for performing production deployments. A moratorium period defines the time period within which no production deployments should be performed. Any deployment to the production environment during this period will automatically be rejected/stopped, if that deployment is triggered during the moratorium period. <br>

OES lets users create a policy and use it for different applications to validate the criteria defined in the policy at runtime during the pipeline execution. The policy can define custom conditions required to be validated. This enables OES users to make decisions at run time without any manual intervention.&#x20;

OES uses OPA policy engine for policy definition & execution. The Open Policy Agent (OPA) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. OPA policies are expressed in a high-level declarative language called Rego. It is purpose-built for expressing policies over complex hierarchical data structures.<br>

### Overview

The policy management feature allows you to automatically create policies (in a declarative language) to set stringent guideline for safe and detailed controls on the Spinnaker deployment pipeline. This feature gives you the freedom to set or declare specific policy rules or guidelines. For e.g., Automated Testing should be completed before deployment, is a rule which must be completed when creating a Spinnaker pipeline and policies.&#x20;

Policy management also allows you to validate policies in runtime through 3rd party policy engines (like Open Policy Agent) using REST API. Moreover, security managers can quickly add, modify, delete policies in tune with business policy changes. OES Policy Management allows you to quickly declare policies and integrate with 3rd party policy managers for validations.&#x20;

Now that we have a fair idea about what Policy Management does and what are the benefits let's take a quick look how the policy management page looks. Refer to the image below:

![](/files/-MUSysv5Tz_FfDncASAk)


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.opsmx.com/opsmx-1/opsmx-context-engine/additional-resources/previous-releases/isd-3.10/data-and-intelligence-module-autopilot/continuous-compliance-policy/policy-management-overview.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.