NORMA eResearch @NCI Library

Designing and Scaling OPA for PCI-DSS and HIPAA Compliance in AWS

Chintakayala, Dhanusha Siva Priya (2025) Designing and Scaling OPA for PCI-DSS and HIPAA Compliance in AWS. Masters thesis, Dublin, National College of Ireland.

PDF (Master of Science), 1MB
PDF (Configuration Manual), 963kB

Abstract

As cloud-native infrastructure becomes more dynamic and complex, maintaining its compliance with regulatory standards such as PCI-DSS and HIPAA poses challenges to DevOps teams. Traditional manual compliance verification methods are known to be time-consuming and error-prone, and in most cases lead to configuration drift. This research proposes an automated solution using Terraform for infrastructure provisioning and Open Policy Agent (OPA) for policy enforcement within an AWS CodePipeline-based CI/CD workflow.

The declarative Rego policies stored in version-controlled S3 buckets are continuously validated before the infrastructure code is applied to the cloud environment. The performance of the system is evaluated experimentally across different dimensions, including formation time, accuracy of compliance, stage-wise execution timing, and scalability (Policies of Observation Planning) with the growing number of OPA policies.

Results show that the automated compliance pipeline improves configuration accuracy by more than 30% and minimally reduces formation time (up to 86% improvement) over manual methods. For instance, the validation of 35 policies takes less than 0.3 seconds. This research describes in detail how policy enforcement can be made operational with Terraform and OPA to ensure compliance as well as deployment agility in cloud infrastructure management.

Item Type: Thesis (Masters)
Supervisors: Estrada, Giovani (Email: UNSPECIFIED)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Cloud computing
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cloud Computing
Depositing User: Ciara O'Brien
Date Deposited: 21 Nov 2025 14:28
Last Modified: 21 Nov 2025 14:28
URI: https://norma.ncirl.ie/id/eprint/8952
