Open Policy Agent
github.com
1
Leaving SiteNav
External Link Disclaimer
You are about to visit github.com. This website is not operated by us. We are not responsible for its content or privacy practices.
About this website
Open Policy Agent (OPA) is an open-source general-purpose policy engine enabling unified policy enforcement across the entire stack. Created by Torin Sandall and Patrick East at Styra Inc. in 2016 and now a CNCF Graduated project, OPA has over 10,000 stars as of 2026. OPA decouples policy decision-making from application logic, enabling organizations to define, enforce, and audit policies consistently across microservices, CI/CD pipelines, Kubernetes, API gateways, and infrastructure tools. Key features include: Rego policy language (a declarative, Turing-incomplete query language for policy evaluation, supporting pattern matching, set operations, data transformation, and references to external data), policy as data (representing policies as declarative rules rather than imperative code, enabling authoring by security and compliance teams), decoupled architecture (running as a sidecar, daemon, or library alongside your application, evaluating policies via HTTP API or Go library), unified enforcement (applying the same policies across Kubernetes admission control, API authorization, Terraform plan review, CI/CD pipeline gates, SSH access, and microservice authorization), data and policy bundles (packaging policies into versioned bundles distributed via OCI-compatible registries), decision logging (recording every policy decision with input, output, and metadata for audit trails), partial evaluation (pre-computing policies at compile time for performance-critical scenarios), over 150 built-in functions (string manipulation, cryptography, networking, JSON, regex), and broad ecosystem integration (Kubernetes, Istio, Envoy, Terraform, GitHub Actions, Kafka, and HTTP APIs).
Tags & Categories
Categories
Tags
Statistics
1
Views
0
Clicks
0
Like
0
Dislike