Hi everyone. Craig from DoiT back again to show you a brand new capability in CloudFlow called Policies that takes automation and governance to the next level.

If you've ever tried to enforce configuration standards across your cloud environments, like restricting EC2 instances to certain machine types or regions, you know how messy it can get. You can write scripts, build guardrails, or integrate external policy engines, but those approaches are hard to maintain and tightly coupled to specific workflows. Plus, every time your standards change, you have to edit logic across multiple automations, which is a recipe for drift, inconsistency, and operational risk.

CloudFlow Policies were built to solve this exact type of problem. Policies are independent rule sets that validate the configuration of a single resource type like EC2, S3 or RDS. Found on the CloudFlow home screen, Policies can be created with simple Rego language, stored independently, and evaluated through an API that returns compliant or non-compliant results, complete with detailed failure reasons. This decoupling means your validation logic is managed centrally while your automations stay clean, reusable, and easy to maintain.

Let's take a look at a CloudFlow that uses a policy for EC2 workload compliance. The flow starts with a trigger, in this case, a new EC2 instance being spun up as detected by DoiT Cloud Intelligence. Next, we run a DescribeInstances API call to extract the configuration of this new EC2 instance that was spun up. We then add a policy node referencing our pre-configured EC2. This policy defines which machine types are approved for deployment. For example, limiting to t3 or m6i families in specific regions. The policy node evaluates each instance and returns a compliance result for every one. We then filter that list to isolate the non-compliant instances. And finally take action. In this case, CloudFlow automatically shuts down the non-compliant EC2 instances, but that final step could just as easily trigger a notification via Slack or email or open a Jira ticket, whatever fits your organization's governance workflow.

With CloudFlow Policies, you can now enforce configuration standards dynamically without embedding rigid logic into every automation. Your compliance rules stay consistent. Your flows stay clean. And your engineers stay focused on building rather than policing.

Thanks for watching. For more information about CloudFlow and how you can apply it to other recurring FinOps tasks, head over to DoiT dot com.


