The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more.
What is OPA
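OPA is an open source, general-purpose policy engine, mainly intended to address access control, authorization, and policy for cloud-native applications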
Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)
🐊 Gatekeeper - Policy Controller for Kubernetes
Write tests against structured configuration data using the Open Policy Agent Rego query language
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Automation to assess the state of your M365 tenant against CISA's baselines
Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or maki...
Cloud-native authorization for modern applications and APIs
A curated list of OPA-related tools, frameworks and articles
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
📚 The OPA Gatekeeper policy library
Tool and policy library for reviewing Google Kubernetes Engine clusters against best practices
A policy management tool for interacting with Gatekeeper
S3 Reverse Proxy with GET, PUT and DELETE methods and authentication (OpenID Connect and Basic Auth)
Integrations, examples, and proof-of-concepts that are not part of OPA proper.
A plugin to enforce OPA policies with Envoy
A simple to use web-based OPA Gatekeeper policy manager
Regal is a linter and language server for Rego, bringing your policy development experience to the next level!
Open source compliance tool for development platforms.