Open Policy Agent topic
The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more.
Community & Support
What is OPA
devspace-cloud
DevSpace Cloud ⚡ Turn Kubernetes into a Powerful Developer Platform (new on-premise edition)
the-container-security-book
The Container Security Book—a free book for practitioners
container-image-sign-and-verify-with-cosign-and-opa
This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)
policies
A set of shared policies for use with Conftest and other Open Policy Agent tools
opa-kafka-plugin
Open Policy Agent (OPA) plug-in for Kafka authorization
sphinx-rego
Sphinx extension that automatically documents Open Policy Agent Rego policies
fastapi-opa
Fastapi OPA middleware incl. auth flow.
hcunit
Helm Chart Unit: helps to unit test rendering of your templates using policies
k8s-opa-boilerplate
Boilerplate example of managing OPA with kustomize
community
The Community repository is the place to go for support with OPA and OPA Sub-Projects, like Conftest and Gatekeeper.