Red Hat introduces ‘policy as code’ for Ansible

Red Hat Ansible’s new “policy as code” capabilities will help users of the infrastructure automation platform to increase efficiency, reduce human error and improve the ability to meet governance, compliance, security and cost objectives, the company announced this morning at the Red Hat Summit in Denver. And it will help position Red Hat for an increasingly AI-dominated future.

The new capability, a tech preview of which is slated for availability “in the coming months,” will help enforce policies and compliance across hybrid cloud estates that increasingly include a varied and growing number of AI applications, the company announced. It enables high-level strategies for automation maturity “to better prepare organizations for sprawling infrastructure in support of scaling AI workloads,” Red Hat says.

The problem, says Sathish Balakrishnan, vice president and general manager for Red Hat’s Ansible business unit, is that as AI scales the capabilities of individual systems beyond what humans can manage, the challenge of maintaining IT infrastructure grows exponentially.

And even before infrastructure is focused on AI workloads and services, mission critical systems are still impacted by compliance mandates for security, performance, and auditability, he says. Even today, implementing these policies requires time, attention, and cross-functional team collaboration and documentation. “Mistakes can be costly,” he adds.

According to Balakrishnan, the enterprises who will benefit the most from the new capability are those looking to take advantage of AI. “In many ways, AI is the final stage of the automation adoption journey,” he says. “In the context of enterprise IT ops, AI means machines automating processes, machines connecting infrastructure and tools to make them more efficient, and machines making decisions to improve resiliency and reduce costs.”

That’s a shift in how IT ops is conducted, he says, and nearly every tool or platform in the environment is already introducing new AI capabilities. “This will provide you with vast new amounts of data, insights and intelligence,” he says. “But to make it all actionable, you need to be able to orchestrate it all – and you need to be able to harness the new intelligence to optimize your stack.”

So, for any organization looking to leverage AI, automation is mission-critical, he says.

Say, for example, a company is using the AI-powered Ansible Lightspeed service to accelerate automation development. If “policy as code” is infused from the start, content creators can write code that automatically maintains mandated compliance requirements, he says, “greatly reducing the impact of skills gaps and human error in IT operations.”

At British banking and insurance company NatWest Group, for example, adding policy capability to automation will allow for increased compliance and adherence to regulations, says Baljinder Kang, the company’s director of enterprise engineering, in a statement. “We think this is necessary as we look to add AI capabilities to continue to enhance our tooling to drive increased value in our solutions to meet our customer needs,” he says.

The big public clouds – hyperscalers like AWS, Microsoft Azure, and Google Cloud Platform – are also moving in the direction of policy as code, says IDC analyst Stephen Elliot.

“They have lots of point tools,” Elliot says. “Typically, customers tell us that they have Cloud Watch, they have CloudTrail, they have AWS Systems Manager. The tools are either free or almost free. They’re good enough, cheap enough. They need them for visibility into the AWS environment.”

But once enterprises move outside of a particular cloud, they need to use other tools, such as Ansible or Terraform. “Red Hat is all about supporting all the clouds,” Elliot says. “Ansible is all about automating things across all the clouds — part of the value is multi-cloud support. Most of the public cloud providers only care about their own cloud, and for very good reasons.”

However, enterprises are still far from being able to rely fully on automation for policy enforcement, he says. With AI-powered automation, in particular, “the hype is way ahead of what we’re capable of,” Elliot says. “There’s a lot of experimentation this year, and there’s a lot of money put into these AI experiments and AI use cases, but this is going to take a little time.”

Still, companies should be looking at this now, he says. “You’ve got to start somewhere,” he says. “You have to think about how you would define a use case for policy as code.”

With Red Hat Ansible, there are so many users and companies using this that many companies will be able to figure out how to drive some efficiencies and cost improvements.

“Speed is the ultimate competitive weapon,” Elliot says. “If you’re not talking about it, you’re already losing. And if you are talking about it, make some decisions about your investments.”