Repository navigation
Open Policy Agent
The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more.
Community & Support
What is OPA
Open Policy Agent (OPA) is an open source, general-purpose policy engine.
Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)
🐊 Policy Controller for Kubernetes
Cloud-native authorization for modern applications and APIs
A curated list of OPA related tools, frameworks and articles
📚 The OPA Gatekeeper policy library
Tool and policy library for reviewing Google Kubernetes Engine clusters against best practices
A policy management tool for interacting with Gatekeeper
S3 Reverse Proxy with GET, PUT and DELETE methods and authentication (OpenID Connect and Basic Auth)
A plugin to enforce OPA policies with Envoy
Integrations, examples, and proof-of-concepts that are not part of OPA proper.
Regal is a linter and language server for Rego, bringing your policy development experience to the next level!
A simple to use web-based OPA Gatekeeper policy manager
Open source compliance tool for development platforms.
A set of curated exercises to help you prepare for the CKS exam
SCuBA Secure Configuration Baselines and assessment tool for Google Workspace
Sidecar for managing OPA instances in Kubernetes.
Regorus - A fast, lightweight Rego (OPA policy language) interpreter written in Rust.
Notice: Postee is no longer under active development or maintenance.