Open Policy Agent. (OPA) Intro & Deep Dive

Conference: KubeCon + CloudNativeCon Europe 2023

2023-04-21

Authors: Charlie Egan

Summary

The presentation discusses the Gatekeeper project, a customizable Kubernetes admission web hook that uses Opa engine to enforce policies and enhance governance in organizations.

Gatekeeper project is a customizable Kubernetes admission web hook that uses Opa engine to enforce policies and enhance governance in organizations
Gatekeeper is used to ensure that workloads deployed to Kubernetes clusters are compliant with governance and company policies
Google Anthos and Microsoft Azure have embedded Gatekeeper in their policy engines
Gatekeeper simplifies the process of building an admission web hook
Gatekeeper uses Opa engine to enforce policies and enhance governance
The presentation also discusses updates to Opa, including new built-in functions and upcoming features such as schema validation and a more user-friendly output for tests

The presenter highlights the challenge of building an admission web hook and emphasizes the importance of using Gatekeeper to simplify the process and ensure compliance with policies.

Abstract

Come to this session to learn about the Open Policy Agent (OPA) project. OPA is a general-purpose policy engine that solves a number of policy-related use cases for Kubernetes, microservices, CI/CD, cloud, and more. During this session the OPA maintainers will introduce the project for newcomers and then provide updates on the latest and greatest features landing in OPA and OPA Gatekeeper. If you are interested in policy and security as it relates to cloud native technology, this session is for you.

Materials:

Tags: