Repository navigation
Open Policy Agent
The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more.
Community & Support
What is OPA
Open Policy Agent (OPA) is an open source, general-purpose policy engine.
Meshery, the cloud native manager
Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)
🐊 Policy Controller for Kubernetes
Cloud-native authorization for modern applications and APIs
A curated list of OPA related tools, frameworks and articles
📚 The OPA Gatekeeper policy library
Tool and policy library for reviewing Google Kubernetes Engine clusters against best practices
S3 Reverse Proxy with GET, PUT and DELETE methods and authentication (OpenID Connect and Basic Auth)
A policy management tool for interacting with Gatekeeper
A plugin to enforce OPA policies with Envoy
Regal is a linter and language server for Rego, bringing your policy development experience to the next level!
Integrations, examples, and proof-of-concepts that are not part of OPA proper.
A simple to use web-based OPA Gatekeeper policy manager
Open source compliance tool for development platforms.
A set of curated exercises to help you prepare for the CKS exam
SCuBA Secure Configuration Baselines and assessment tool for Google Workspace
Sidecar for managing OPA instances in Kubernetes.
Regorus - A fast, lightweight Rego (OPA policy language) interpreter written in Rust.
Notice: Postee is no longer under active development or maintenance.