The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 Opa Open-Source Projects
-
How can we handle this? Are there any mechanisms to prevent or at least to some extent safeguard this kind of issues without falling back to a manual workflow? There is. One huge advantage of sticking to (de-facto) standards like Terraform is that first we are probably not the first ones to come up with this question and second there is a huge ecosystem around Terraform that might help us with such challenges. And for this specific scenario the solution is the Open Policy Agent. Let us take a closer look how the solution could look like.
-
Project mention: Shrink to Secure: Kubernetes and Secure Compact Containers | news.ycombinator.com | 2023-07-02
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
OPAL
Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...) (by permitio)
Another tool that can help you deploy a Policy as Code-based solution in 2024 is OPAL, the Open Policy Administration Layer. OPAL is an open-source project that provides a comprehensive policy-based service for applications. With one click, you can deploy a full architecture of a Git-based centralized policy store with decentralized policy engines running as a sidecar with your applications. OPAL also provides a unified architecture to sync all the data you need with the policy engines.
-
OPA is a great tool for implementing a policy-as-code system. But if you're trying to use it for application authorization (e.g. fine-grained authz for B2B SaaS or a set of internal applications), you may find that its policy story is strong, but it doesn't really have a "data plane": you either store data in a data.json file and rebuild the policy any time that data changes, or make an http.send call out of the policy to fetch dynamic data.
Check out Topaz [0], which uses OPA as its decision engine, but adds a data plane that is based on the ReBAC ideas explored in the Google Zanzibar [1] paper.
Disclaimer: I work on the team [2] that builds and maintains the Topaz project.
[1] https://research.google/pubs/zanzibar-googles-consistent-glo...
-
Project mention: How are you implementing OPA with Terraform? We found a few links on how others have done it, but we're still curious. | /r/devsecops | 2023-05-03
Awesome OPA GitHub Repo - a collection of open-source OPA tooling.
-
-
gke-policy-automation
Tool and policy library for reviewing Google Kubernetes Engine clusters against best practices
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
-
-
-
s3-proxy
S3 Reverse Proxy with GET, PUT and DELETE methods and authentication (OpenID Connect and Basic Auth)
-
-
-
Full changelog, and downloads here!
-
-
-
-
regolibrary
The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.
-
-
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Opa related posts
- SAP BTP, Terraform and Open Policy Agent
- Open Policy Agent
- Build and Push to GAR and Deploy to GKE - End-to-End CI/CD Pipeline
- Regal v0.14.0 released
- Securing CI/CD Images with Cosign and OPA
- OPA vs. Google Zanzibar: A Brief Comparison
- Rego for beginners: Introduction to Rego
-
A note from our sponsor - WorkOS
workos.com | 18 Apr 2024
Index
What are some of the best open-source Opa projects? This list will help you:
Project | Stars | |
---|---|---|
1 | OPA (Open Policy Agent) | 9,104 |
2 | gatekeeper | 3,454 |
3 | OPAL | 2,271 |
4 | topaz | 966 |
5 | awesome-opa | 732 |
6 | gatekeeper-library | 600 |
7 | gke-policy-automation | 507 |
8 | konstraint | 374 |
9 | opa-envoy-plugin | 304 |
10 | gatekeeper-policy-manager | 287 |
11 | reposaur | 280 |
12 | s3-proxy | 263 |
13 | preflight | 250 |
14 | gatekeeper | 237 |
15 | regal | 214 |
16 | rego-style-guide | 192 |
17 | rego-policies | 152 |
18 | magtape | 144 |
19 | regolibrary | 108 |
20 | policy-as-code-war | 60 |
21 | opa-kafka-plugin | 58 |
22 | docker-security-checker | 55 |
23 | sls-lambda-opa | 52 |