Computer systems are increasingly implementing “everything as code” protocols to manage systems and their infrastructure. This is especially true in cloud computing environments, which may implement a variety of virtual machines and virtualized instances that run applications and other processes. Storing configurations, operational policies, etc. as code files is useful for automating management of systems and applications. As these techniques become more prevalent, however, problems arise. Many of the different code files used by different systems or applications rely on a unique vocabulary, syntax, and/or structure. These differences between code files make it very difficult for the files to be read and applied across platforms, or to be read by management systems designed to read and manage code across multiple platforms. Difficulties also arise with cross-platform communication when two platforms rely on a different file vocabulary, syntax, or structure.
Managing these code files is especially important in the context of operational or security policies that define permissions associated with an identity (e.g., user, account, virtual instance, application, etc.). Policies assigning an unnecessarily large scope of permissions may present an unnecessarily large attack surface for malicious entities to exploit. Thus, dynamically managing policies and their associated permissions is an important part of system security. Some existing schemes rely on analysis of prior user behavior or application activity to manage policies. Such schemes, however, do not permit preemptive management of the policy code files because they conduct the analysis after activity has already occurred. Thus, these systems have a heightened risk of security breaches because issues cannot be identified until after some amount of activity has occurred.
Accordingly, in view of these and other deficiencies in existing techniques, technological solutions are needed to automatically process and analyze code files associated with multiple platforms in order to manage policies in an efficient and autonomous manner. Such solutions should be able to process and analyze diversely structured policies over any platform independently and without regard to whether any activity related to the policy has already occurred. Solutions are also needed to facilitate communications between platforms that use different vocabulary, syntax, structure, etc. for their code files. It would be advantageous for such solutions to permit cross-platform sharing and implementation of policies or other code files.