docs: add policy as code to trial

radar/2022-10-12/policy-as-code.md

@@ -0,0 +1,24 @@
+---
+title:      "Policy as Code"
+ring:       trial
+quadrant:   methods-and-patterns
+tags:       [devops, ci/cd]
+---
+
+With the rise of cloud infrastructure and DevOps practices, traditional methods of policy enforcement such as manual 
+reviews and audits are no longer sufficient. By using code to express policies for the entire infrastructure and
+application stack, automated compliance checks become a natural part of the software development lifecycle, 
+e.g. via integration into a projects' CI/CD pipeline and could even prevent a configuration change or deployment
+if a critical issue was found.
+
+One of the key benefits of Policy as Code is the ability to catch potential issues before they become risks. For 
+example, a policy could be defined to ensure that all S3 buckets are encrypted, or that all EC2 instances have a 
+specific set of tags. 
+
+There are a number of tools and frameworks available for implementing Policy as Code. At AOE, we are mainly relying on
+[Checkov](https://www.checkov.io/), [Kyverno](https://kyverno.io/) and [AWS Config](https://aws.amazon.com/config/)
+at the time of writing. Each tool provides a way to define policies in code and then automate policy enforcement. 
+They also provide visibility into the compliance status of infrastructure and application configurations.
+
+By defining policies as code, development teams can ensure that policies are version-controlled, easily auditable, 
+and consistent across all environments.