Open Policy Agent topic
The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more.
Community & Support
What is OPA
konstraint
A policy management tool for interacting with Gatekeeper
k8s-security-policies
This repository offers a comprehensive library of security policies designed to enhance the security of Kubernetes cluster configurations. The policies are developed in accordance with the CIS Kuberne...
kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
conftest
Write tests against structured configuration data using the Open Policy Agent Rego query language
rego-style-guide
Style guide for Rego
opal
Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)
awesome-opa
A curated list of OPA related tools, frameworks and articles
gatekeeper
Kubernetes Operator to manage Dynamic Admission Controllers using Open Policy Agent
kube-review
Create Kubernetes AdmissionReview requests from Kubernetes resource manifests
npm-opa-wasm
Open Policy Agent WebAssembly NPM module (opa-wasm)