Opa

Open-source projects categorized as Opa
Edit details
Language: + Go + Open Policy Agent + Python + TypeScript + Makefile + Shell + Scala
Topics: Kubernetes open-policy-agent rego Policy Authorization
Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

Top 23 Opa Open-Source Projects

  • OPA (Open Policy Agent)

    Open Policy Agent (OPA) is an open source, general-purpose policy engine.

    • Project mention: The API database architecture – Stop writing HTTP-GET endpoints | news.ycombinator.com | 2024-05-10

    Yeah, I fully agree. The tooling for putting that much logic into the database is just not great. I've been decently happy with Sqitch[0] for DB change management, but even with that you don't really get a good basis for testing some of the logic you could otherwise test in isolation in app code.

    I've also tried to rely heavily on the database handling security and authorization, but as soon as you start to do somewhat non-trivial attribute-/relationship-based authorization (as you would find in many products nowadays), it really isn't fun anymore, and you spend a lot of the time you saved on manually building backend routes on trying to fit you authz model into those basic primitives (and avoiding performance bottlenecks). Especially compares to other modern authz solutions like OPA[1] or oso[2] it really doesn't stack up.

    [0]: https://github.com/sqitchers/sqitch

    [1]: https://www.openpolicyagent.org

    [2]: https://www.osohq.com

  • gatekeeper

    🐊 Gatekeeper - Policy Controller for Kubernetes

    • Project mention: Shrink to Secure: Kubernetes and Secure Compact Containers | news.ycombinator.com | 2023-07-02

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • OPAL

    Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...) (by permitio)

    • Project mention: 45 Questions to Ask Yourself Before Modeling Authorization | dev.to | 2024-05-09

    This can be achieved by using tools like Open Policy Administration Layer (OPAL), which helps keep your authorization layer updated in real-time with data and policy updates. This OSS includes two important features:

  • topaz

    Cloud-native authorization for modern applications and APIs (by aserto-dev)

    • Project mention: Open Policy Agent | news.ycombinator.com | 2024-03-12

    OPA is a great tool for implementing a policy-as-code system. But if you're trying to use it for application authorization (e.g. fine-grained authz for B2B SaaS or a set of internal applications), you may find that its policy story is strong, but it doesn't really have a "data plane": you either store data in a data.json file and rebuild the policy any time that data changes, or make an http.send call out of the policy to fetch dynamic data.

    Check out Topaz [0], which uses OPA as its decision engine, but adds a data plane that is based on the ReBAC ideas explored in the Google Zanzibar [1] paper.

    Disclaimer: I work on the team [2] that builds and maintains the Topaz project.

    [0] https://www.topaz.sh

    [1] https://research.google/pubs/zanzibar-googles-consistent-glo...

    [2] https://www.aserto.com

  • awesome-opa

    A curated list of OPA related tools, frameworks and articles

  • gatekeeper-library

    📚 The OPA Gatekeeper policy library

  • gke-policy-automation

    Tool and policy library for reviewing Google Kubernetes Engine clusters against best practices

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo

  • konstraint

    A policy management tool for interacting with Gatekeeper

  • opa-envoy-plugin

    A plugin to enforce OPA policies with Envoy

  • gatekeeper-policy-manager

    A simple to use web-based OPA Gatekeeper policy manager

  • reposaur

    Open source compliance tool for development platforms.

  • s3-proxy

    S3 Reverse Proxy with GET, PUT and DELETE methods and authentication (OpenID Connect and Basic Auth)

  • preflight

    Open source components of Jetstack Secure

  • gatekeeper

    An OpenID / Proxy service (by gogatekeeper)

  • regal

    Regal is a linter for Rego, with the goal of making your Rego magnificent! (by StyraInc)

    • Project mention: Regal v0.14.0 released | /r/OpenPolicyAgent | 2023-12-05

    Full changelog, and downloads here!

  • rego-style-guide

    Style guide for Rego

  • rego-policies

    Rego policies collection

  • magtape

    MagTape Policy-as-Code for Kubernetes

  • regolibrary

    The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.

  • policy-as-code-war

    OPA Gatekeeper vs Kyverno

  • opa-kafka-plugin

    Open Policy Agent (OPA) plug-in for Kafka authorization

  • docker-security-checker

    Dockerfile Security Checker using OPA Rego policies with Conftest

  • sls-lambda-opa

    Experimental AWS ApiGateway Authorizer Go Lambda with embedded Open Policy Agent

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Opa related posts

  • The API database architecture – Stop writing HTTP-GET endpoints

    6 projects | news.ycombinator.com | 10 May 2024

  • SAP BTP, Terraform and Open Policy Agent

    3 projects | dev.to | 2 Apr 2024

  • Open Policy Agent

    8 projects | news.ycombinator.com | 12 Mar 2024

  • Build and Push to GAR and Deploy to GKE - End-to-End CI/CD Pipeline

    3 projects | dev.to | 2 Jan 2024

  • Regal v0.14.0 released

    2 projects | /r/OpenPolicyAgent | 5 Dec 2023

  • Securing CI/CD Images with Cosign and OPA

    4 projects | dev.to | 15 Nov 2023

  • OPA vs. Google Zanzibar: A Brief Comparison

    2 projects | dev.to | 14 Nov 2023
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 10 May 2024
    Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

What are some of the best open-source Opa projects? This list will help you:

Project Stars
1 OPA (Open Policy Agent) 9,156
2 gatekeeper 3,480
3 OPAL 2,300
4 topaz 979
5 awesome-opa 737
6 gatekeeper-library 606
7 gke-policy-automation 508
8 konstraint 373
9 opa-envoy-plugin 307
10 gatekeeper-policy-manager 287
11 reposaur 280
12 s3-proxy 266
13 preflight 251
14 gatekeeper 241
15 regal 223
16 rego-style-guide 192
17 rego-policies 151
18 magtape 144
19 regolibrary 108
20 policy-as-code-war 61
21 opa-kafka-plugin 58
22 docker-security-checker 55
23 sls-lambda-opa 52

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com