Although the terms Policy and Rule are often used interchangeably, there is a subtle difference here.
A Rule is a specific individual constraint. It consists of specific instructions that you write in the form of a Rego statement for custom rules, or specific parameters that you configure for existing Rego statements used in built-in rules.
For example, you may define a rule that specifies only images from an explicitly authorized registry can be deployed.
A Policy is a collection of rules. Those rules codify a real-world policy describing procedures or behaviors for conducting business that are typically documented in written form in an employee handbook, WIKI, or Runbook. When a policy is applied to a system, it enforces or monitors the behavior of that system and its users.
Because you can distribute a complete collection of code-based policies to Styra OPA at the same time, the collection is called a Policy Bundle.
The policy lifecycle involves the following tasks:
Define Policy Rules: Define the policy using built-in or custom rules.
Validate and Analyze Policies: Validate the policy before distribution to analyze the impact the policy would have if you were to enforce it.
Publish Policies: Publish the policy to monitor and enforce compliance.
Replay Enforcement Decisions: Replay policy decisions in real-time or in the historical context.
For more information on