Open Policy Agent
Table of Contents
Interactive Learning Environment
In this lab, we will learn about the Open Policy Agent and how to set policies.
All of our labs are powered by Katacoda and are located at this Profile.
Background
Open Policy Agent (OPA) is a general-purpose policy engine with uses ranging from authorization and admission control to data filtering. OPA provides greater flexibility and expressiveness than hard-coded service logic or ad-hoc domain-specific languages. And it comes with powerful tooling to help you get started. You can integrate OPA as a sidecar, host-level daemon, or library.
Here are just a few examples of what you can do with OPA:
- Kubernetes Admission Control
- HTTP API Authorization
- Remote Access
- Data Filtering with Partial Evaluation
Services offload policy decisions to OPA by executing queries. OPA evaluates policies and data to produce query results (which are sent back to the client). Policies are written in a high-level declarative language and can be loaded into OPA via the filesystem or well-defined APIs.
Why use OPA?
