Whether you’re just starting to understand basic Rego language concepts or want to brush up on structuring policy-as-code rules, Styra Academy’s “OPA Policy Authoring” course lays out the fundamentals you need to know to get started. Before we dive in, let’s get a better understanding of Open Policy Agent (OPA) and some common use cases. OPA is an open source, general purpose policy engine for cloud native environments.

As part of Styra’s vision for unified authorization, we founded the Open Policy Agent project (OPA) to make policy-based control of the cloud-native stack accessible to everyone. OPA has now grown to become the de facto standard for authorization across the stack, leading to a large part of the community looking for ways to manage the OPA policy-as-code lifecycle.

This post is going to outline some basics, interesting tidbits and caveats on unit testing Rego policies.

Open Policy Agent (OPA), now a graduated project from the Cloud Native Computing Foundation, has become the open-source tool of choice for millions of users, who leverage it as a standard building block for policy and authorization across the cloud-native stack. Given the flexibility of OPA — with practically limitless deployment options — it has been adopted for dozens of use cases across hundreds of companies.

One of my absolute favorite aspects of Open Policy Agent (OPA) is the general purpose nature of the tool. While commonly seen in deployments for Kubernetes admission control or application authorization, the large OPA ecosystem includes integrations with anything from databases, and operating systems to test frameworks and REST clients for most common languages.

In this pandemic-defined era of rapid retail transformation, the digital shopping experience has become tantamount to the success of the business. As a result, retailers have redoubled their efforts to improve digital applications and services.

Devops teams are flocking to GitOps strategies to accelerate development time frames and eliminate cloud misconfigurations. They should adopt a similar ‘as-code’ approach to policy. One risk in deploying fleets of powerful and flexible clusters on constantly changing infrastructure like Kubernetes is that mistakes happen. Even minute manual errors that slip past review can have substantial impacts on the health and security of your clusters.

The webhook feature of the Kubernetes API offers a powerful mechanism to extend the modules that comprise the Kubernetes API servers with custom code for authentication, authorization and admission control.

Let’s say you were going to plan a security project. (Almost any project, really.) The following might be a pretty solid list of goals to aim for: That’s a pretty solid list - and might even read like “too much to ask for.” Yet, it’s exactly what SugarCRM received after deploying Styra DAS to manage Open Policy Agent (OPA) for Kubernetes guardrails.

How Open Policy Agent allows developer teams to write and enforce consistent policy and authorization across multicloud and hybrid cloud environments As multicloud strategies become fully mainstream, companies and dev teams are having to figure out how to create consistent approaches among cloud environments.