Check K8s yaml-files and helm-charts with rego policies
Updated Jul 23, 2021 - Go
The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more.
What is OPA
Examples for validation using Policy Language Rego
Audit Logging for OPA Decision Logs
An easy way to generate Gatekeeper ConstraintTemplates from Rego files.
OPA GitHub Pull Request Review Bot.
Synchronize profile editors into the Open Policy Agent for use in MinIO Access Control
Merge and convert the rego coverage format to codecov json
This example app acts as a webhook server that listens to Terraform Cloud Run Tasks and performs OPA evaluation using open-policy-agent Go API.
Open Policy Agent (OPA) Authorization middleware for Traefik
Authorization Control using Open Policy Agent and Google Groups
Open Policy Agent Gin middleware for custom usage
An e2e demo of serverless technologies
An implementation of Envoy External Authorization
OPA Dependency Manager (ODM)
CLI audit tool for GitHub organization with OPA/Rego
Sign your artifacts, source code or container images using Sigstore tools, save the signatures you want to use, and validate and control deployments to automatically allow only known sources based on signatures, maintainers and other payloads.
Todo App
mesh-kridik is an open-source security checker that performs various security checks on a Kubernetes cluster with Istio service mesh and is leveraged by OPA (Open Policy Agent) to enforce security rules.