policyyaml

Policyyaml is a human-readable, YAML-based policy language used to declare governance and security rules for software systems. It emphasizes declarative policies that can be versioned, audited, and automated, and is designed to be readable by both humans and machines.

Structure commonly includes fields such as apiVersion, kind, metadata, and spec. The spec contains one or more

Validation and tooling: policies are validated against a defined schema or policy schema. Tooling such as linters,

Use cases include access control, compliance enforcement, configuration governance, and resource management. Policyyaml can integrate with

History and adoption vary by ecosystem; policyyaml emerged as a common YAML-based approach in policy-as-code workflows,

Example

apiVersion: policyyaml.org/v1

kind: Policy

metadata:

name: deny-root-login

spec:

description: Deny login attempts by privileged users

rules:

- id: R1

match:

user: "root"

action: "login"

effect: deny