The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more.
What is OPA
🐊 Gatekeeper - Policy Controller for Kubernetes
A plugin to enforce OPA policies with Envoy
Meshery, the cloud native manager
koans for OPA
Regal is a linter for Rego, with the goal of making your Rego magnificent!
Open Policy Agent (OPA) is an open source, general-purpose policy engine.
Cloud-native authorization for modern applications and APIs
Recreation of common Pod Security Policy configuration in other common Kubernetes policy engines
Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)
SCuBA Security Configuration Baselines and assessment tool for Google Workspace
Traefik plugin which checks JWT tokens for required fields. Supports Open Policy Agent (OPA) and signature validation with JWKS
An extension to bring the Styra CLI natively into VS Code and provide Intellisense and snippets for rego.
Boilerplate example of managing OPA with kustomize
S3 Reverse Proxy with GET, PUT and DELETE methods and authentication (OpenID Connect and Basic Auth)