Open Policy Agent topic
The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more.
Community & Support
What is OPA
opa-envoy-spire-ext-authz
OPA-Envoy-SPIRE External Authorization Example.
kove
Watch your in cluster Kubernetes manifests for OPA policy violations and export them as Prometheus metrics
rego-test-assertions
Tiny Rego library with helper functions for unit testing
opa-aws-cloudformation-hook
AWS Cloudformation Hook for OPA-powered infrastructure policy enforcement
mesh-kridik
mesh-kridik is an open-source security checker that performs various security checks on a Kubernetes cluster with istio service mesh and is leveraged by OPA (Open Policy Agent) to enforce security rul...
kong-authorization-opa
Kong Plugin for Authorization (via Open Policy Agent)
enterprise-opa
Enterprise OPA is a distribution of Open Policy Agent with enterprise-grade features to get OPA into production quickly, easily, and inexpensively.
ScubaGoggles
SCuBA Security Configuration Baselines and assessment tool for Google Workspace
regal
Regal is a linter and language server for Rego, bringing your policy development experience to the next level!
traefik-jwt-plugin
Traefik plugin which checks JWT tokens for required fields. Supports Open Policy Agent (OPA) and signature validation with JWKS