Compliance-Aware Platform Engineering

Explore how to integrate compliance requirements into platform engineering practices through this 26-minute conference talk from Conf42 Platform Engineering 2025. Learn about the regulatory landscape and its design implications for modern platform engineering, examining how delivery models have evolved to accommodate compliance needs. Discover the fundamental building blocks of compliance by design and understand the specific challenges faced in financial services environments. Examine the evolution of platform engineering and how provisioning frameworks can enforce policy compliance automatically. Understand how golden images contribute to maintaining compliance standards and explore continuous integration and continuous deployment (CI/CD) approaches that embed compliance checks throughout the development lifecycle. Master the concept of Policy as Code and learn how to enable self-service capabilities while maintaining strict compliance requirements. Analyze a real-world case study from a financial organization that successfully implemented compliance-aware platform engineering practices. Review a practical implementation roadmap for organizations looking to adopt these approaches and understand the key takeaways for building compliant, scalable platform engineering solutions in regulated industries.

Syllabus

00:00 Introduction and Speaker Background
00:37 Understanding Compliance in Platform Engineering
02:26 Agenda Overview
02:56 Regulatory Landscape and Design Implications
03:26 Evolution of Delivery Model
03:45 Building Blocks of Compliance by Design
04:44 Compliance Challenges in Financial Services
06:52 Platform Engineering Evolution
10:01 Provisioning Frameworks and Policy Enforcement
13:27 Golden Images and Compliance
15:33 CICD and Continuous Compliance
17:21 Policy as Code
19:56 Enabling Self-Service with Compliance
22:37 Case Study: Financial Organization
24:25 Implementation Roadmap
25:23 Key Takeaways and Conclusion