In recent years, the development of technologies such as Infrastructure as Code (IaC) and Policy as Code (PaC) has transformed modern Information and Communication Technology infrastructures into more software-based systems. This evolution has enabled faster deployment, scalability, and simplified network management. Moreover, the growing number of Infrastructure as Code (IaC)-based solutions has created a diverse landscape, necessitating that each organization determine the most suitable solution for its needs while ensuring policy compliance before provisioning and deploying the infrastructure. PaC involves codifying security and compliance policies into executable code. By integrating policies directly into the infrastructure code, organizations can ensure that security and compliance requirements are automatically enforced, thereby reducing the risk of human error and enhancing overall governance.