apisix-opa-plugin VS OPA (Open Policy Agent)

Compare apisix-opa-plugin vs OPA (Open Policy Agent) and see what are their differences.

Our great sponsors
  • Scout APM - Less time debugging, more time building
  • OPS - Build and Run Open Source Unikernels
  • SonarQube - Static code analysis for 29 languages.
apisix-opa-plugin OPA (Open Policy Agent)
1 32
3 6,128
- 4.9%
4.6 9.8
3 months ago 5 days ago
Go Go
GNU General Public License v3.0 or later Apache License 2.0
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.


Posts with mentions or reviews of apisix-opa-plugin. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-11-24.

OPA (Open Policy Agent)

Posts with mentions or reviews of OPA (Open Policy Agent). We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-01-19.
  • Exploring and Tech – Internationally Awesome with Peter ONeill
    4 projects | dev.to | 19 Jan 2022
    And so, from there, our maintainers are super active. They are very quick to respond. And so, if you need help understanding what style of coding we do, how we like things to be submitted, we are very active in engaging, especially with first-time contributors. Finding us online, joining the Slack, and just saying hello is that first step.
    4 projects | dev.to | 19 Jan 2022
    Peter: I think it's very similar with most open-source projects. Once you've heard of the project, check them out online, see what they're up to. You'll see that we have a Slack channel where we do most of our day-to-day communications. We also have a GitHub repository. And so joining the Slack channel, maybe joining our community meeting, and then seeing what GitHub issues have the label good first issue and just taking one of those and running with it.
  • How to Implement Attribute Based Access Control (ABAC) using Open Policy Agent (OPA)
    1 project | dev.to | 17 Jan 2022
    By creating a separate microservice for authorization, thus decoupling our policy from our code. Controlling access management centrally through a separate authorization service allows you to offer it as a service to every system that needs to check whether a user can or cannot access its resources. This can be done by using Open Policy Agent (OPA).
  • Hey Rustaceans! Got an easy question? Ask here (52/2021)!
    11 projects | reddit.com/r/rust | 27 Dec 2021
    What I'm interested in doing is creating something similar to Open Policy Agent but something which doesn't use Rego for the scripting language. I don't need anything super complex like OPA. What I do want is to implement a simple "policy as code" and allow end users to write a script (in this case Rhai) that can let them create more robust authorization policies.
  • Embeddable Prolog in Go
    2 projects | reddit.com/r/golang | 21 Dec 2021
    See this almost industry standard for example: https://www.openpolicyagent.org/
  • Restrict - RBAC/ABAC hybrid authorization library
    5 projects | reddit.com/r/golang | 15 Dec 2021
    There's also open policy agent https://www.openpolicyagent.org/ which is part of cncf. It is cool because you can write unit tests on each of your policies.
  • Policyer Action
    5 projects | dev.to | 5 Dec 2021
    Policyer is an open source project (more like a vision) I created after inspired by policy engines that become very popular lately (OPA,Checkov) Policyer going to focus on providing platform to run and create meaningful reports, data engagement and plugin system to let you provide any data, some time it can be k8s yaml and in other it can be user data.
  • How do businesses apply permissions to their data?
    1 project | reddit.com/r/learnprogramming | 29 Nov 2021
    There are plenty of different approaches. Role-based access, resources based access, etc. And the authorization can exist on multiple levels, such as network gateways, in a sidecar and so forth.
  • Ask HN: What API Gateways do you use?
    5 projects | news.ycombinator.com | 24 Nov 2021
    I'm currently looking into using Apache APISIX, seems really interesting - especially the part of writing custom plugins.

    At Swisscom [1] we've created an APISIX [2] Plugin [3] to interact with Open Policy Agent (OPA) [4] to perform certain actions depending on the result of a policy evaluation.

    An integration with Ory Keto [5] could allow us to have a centralized API Gateway with authentication and authorization termination (by using opa-keto [6]).

    This is the power of open source technologies :)

    [1]: https://swisscom.ch

    [2]: https://apisix.apache.org/

    [3]: https://github.com/swisscom/apisix-opa-plugin

    [4]: https://www.openpolicyagent.org/

    [5]: https://www.ory.sh/keto/docs/

    [6]: https://github.com/swisscom/opa-keto

  • OPA Policy Testing by Table Driven Test
    3 projects | dev.to | 18 Nov 2021
    In this post, I introduce how to write OPA's Policy Tests with table driven test. By applying Test Driven Test to OPA's Policy Testing, you can test various test cases simply.

What are some alternatives?

When comparing apisix-opa-plugin and OPA (Open Policy Agent) you can also consider the following projects:

casbin - An authorization library that supports access control models like ACL, RBAC, ABAC in Golang

Keycloak - Open Source Identity and Access Management For Modern Applications and Services

Ory Keto - Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.

cerbos - Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.

Ory Kratos - Next-gen identity server (think Auth0, Okta, Firebase) with Ory-hardened authentication, MFA, FIDO2, profile management, identity schemas, social sign in, registration, account recovery, and IoT auth. Golang, headless, API-only - without templating or theming headaches.

oso - Oso is a batteries-included framework for building authorization in your application.

atlantis - Terraform Pull Request Automation

Vault - A tool for secrets management, encryption as a service, and privileged access management

Kyverno - Kubernetes Native Policy Management


crossplane - Your Universal Control Plane

Grafana - The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.