How DoorDash Ensures Velocity and Reliability through Policy Automation

Infrastructure-as-code has grown in popularity over the past few years. With this codification, many companies have adopted review processes that keep their infrastructure engineers constantly reviewing code changes and busy with mostly tedious work. In addition, any failures to review infrastructure pull requests including networking changes or database updates could impact the entire organization in potentially very expensive and time-consuming ways.

To solve this problem, and prevent human error, our team at DoorDash opted to leverage open policy agent to codify rules that ensure velocity and reliability for cloud infra automated deployments.

In this presentation, I will walk you through the details of our approach at DoorDash. How we enabled our engineers to self-serve infrastructure through policy automation while ensuring both reliability and high velocity, also some plans for the future of infrastructure changes workflow.

What's the focus of your work these days?

I'm primarily focused on infrastructure self-serve as a platform engineer on the cloud team. I am also responsible for cloud governance and infrastructure policy automation at DoorDash.

What's the motivation for your talk at QCon New York 2023?

To share how DoorDash uses policy enforcement and automation to increase developer velocity, reliability, and efficiency and how you can benefit from doing the same.

How would you describe your main persona and target audience for this session?

Anyone working on Cloud Infrastructure. More specifically, mid-level Infrastructure or platform engineers.

Is there anything specific that you'd like people to walk away with after watching your session?

Why you should care about policy enforcement, and how it can help you with some simple recipes for success.


Lin Du

Software Engineer @Doordash

I'm a software engineer on the cloud team at DoorDash, where we focus on infrastructure self-serve for our cloud primitives and governance. Prior to DoorDash, I worked at Nutanix, and mainly worked on building hyper-converged infrastructure for on-prem private cloud. Outside of work, I like playing basketball, taking photographs, and traveling with family. I'm a Golden State Warriors Superfan. Go #DubNation! 

Read more
Find Lin Du at:


Thursday Jun 15 / 11:50AM EDT ( 50 minutes )


Salon D


Infrastructure as Code Policy Automation Cloud Platform


From the same track

Session Platform Engineering

Demystifying Kubernetes Platforms with Backstage

Thursday Jun 15 / 10:35AM EDT

Developer platforms can help developers move faster, be more productive, and focus on delivering value.

Speaker image - Matt Clarke

Matt Clarke

Senior Infrastructure Engineer @ Spotify

Session Platform Engineering

Hard Problems in Frontend Platforms

Thursday Jun 15 / 01:40PM EDT

Imagine you are tasked with building a platform to support a distributed system where your code executes in a remote environments.

Speaker image - Katie Sylor-Miller

Katie Sylor-Miller

Frontend Architect @Etsy

Session Platform Engineering

Scaling Organizations with Platform Engineering

Thursday Jun 15 / 02:55PM EDT

Engineering organizations are often incentivized to prioritize short-term growth over long-term needs, leading to socio-technical consequences such as tech debt, organization siloes, and attrition.

Speaker image - Lesley Cordero

Lesley Cordero

Staff Engineer @nytimes

Session Platform Engineering

Perils, Pitfalls and Pratfalls of Platform Engineering

Thursday Jun 15 / 04:10PM EDT

Platform engineering isn’t supposed to be just another name for SRE, DevOps, infrastructure, or backend software engineering teams; but if you aren’t careful, that’s what you’ll get.

Speaker image - Charity Majors

Charity Majors

CTO @Honeycombio, Previously engineer & manager @Facebook @Parse & @Linden Lab