What is Open Policy Agent (OPA)? And what can someone do with it? These are some of the questions that episode 57 of the Full Stack Journey podcast tackles. In this episode, Scott is joined by Diego Comas (@diegocomas on Twitter), a user/consumer of OPA, to discuss his direct experience in using OPA in real production environments. (Diego also has a blog focused on cloud-native security, but he freely admits that it needs to be updated.)
Additionally, Scott and Diego discussed things like:
- What was the hardest part about using OPA?
- What is Rego, and what are some good resources for learning to use Rego?
- What are some of the benefits of using OPA instead of multiple, more specialized point solutions?
This episode of full of “lessons learned” and practical information on putting OPA to work in an environment!
Sponsor: Subspace
Subspace is your network provider for real-time applications. Subspace uses its own global network and intelligent routing algorithms to make sure your traffic takes the lowest-latency path between two points, with excellent jitter and drop performance when compared to the public Internet. Accelerate your applications at ftl.app/packetpushers.
Show Notes:
The conftest GitHub repository
Rego plugin for VS Code (vscode-opa)
Yubico presentation about Rego, OPA, Conftest, Artifact Hub – Event page including links and presentation transcript – Enabling Autonomous Teams With Policy Enforcement at Yubico – Slides
Open Policy Agent – Deep dive – Video
How Pinterest Manages Policy Distribution – Video
Deploying OPA at Atlassian – Video
Share this episode
