Introduction to Open Policy Agent | Rawkode Live

Special Guest: Torin Sandall (https://twitter.com/sometorin) Torin Sandall is VP of Open Source at Styra and a co-creator of the Open Policy Agent (OPA) project. The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that let’s you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more. OPA decouples policy decision-making from policy enforcement. When your software needs to make policy decisions it queries OPA and supplies structured data (e.g., JSON) as input. OPA accepts arbitrary structured data as input. OPA generates policy decisions by evaluating the query input and against policies and data. OPA and Rego are domain-agnostic so you can describe almost any kind of invariant in your policies. 🕰 Timeline 00:00 - Holding screen 04:00 - Introductions 10:00 - Introduction to Rego, the policy language 13:45 - Our first Rego policy 23:40 - Simple Kubernetes policy - label validation 31:00 - Complex Kubernetes policy - image source validation 38:40 - Running Open Policy Agent (OPA) locally with CLI and VSCode 🌎 Resources Torin Sandall - https://twitter.com/sometorin Open Policy Agent - https://www.openpolicyagent.org/