Hoot – Understanding Open Policy Agent

Kubernetes and cloud-native architecture has introduced abstractions at different layers of the application stack, starting with containers abstracting the code from the OS, networking, and more. Microservices being distributed, dynamic, and polyglot means that abstracting these operational instructions away from the business logic allows them to be language agnostic of the application code, configured, and managed independently from the software lifecycle. A popular project in the cloud-native landscape is Open Policy agent.

What is Open Policy Agent (OPA)?

Open Policy Agent (OPA) is an open source project by Styra and is a general purpose policy engine that de-couple policies from the application code to unify policy deployment, enforcement, and analysis across cloud-native environments. OPA allows organizations to streamline their policies with a unified toolset and framework. They can stop using different policy language, policy model, and policy API for every product and service you use.

In this two episode series, Yuval Kohavi covers what is OPA and demonstrates examples of using OPA with Envoy and Istio to apply policies for application networks.  We’ve also integrated OPA support into our Gloo Edge solution as part of the security functionality.

Episode 1: Open Policy Agent Overview

 

Episode 2: OPA with Envoy Proxy and Istio

Catch Yuval at the upcoming Hoot on Dec 8th where he digs into the recently announced HashiCorp Waypoint and check out the repo here of all the demo code, presentations, and topics from past Hoots.  Subscribe to our Youtube Channel to be notified of upcoming livestreams and new videos.