Elevator Pitch
For users looking to choose an Open Source solution to their authorization problem, Open Policy Agent is a general-purpose policy engine ready to meet your needs. I’ll break down the basics of what the project is all about and dive into some simple policy examples.
Description
As the cloud native landscape evolves, so do the security requirements of the tech stack. New technologies are sprouting up every day, and many make their way into our organizations. How do we know these new technologies are kept up to the same security standards as our old ones? Furthermore, how do we know the old ones are still as secure when we set them up? Do you find yourself wondering how to audit permissions across your entire stack all at once? Now’s the time to get started writing Policy-as-Code, and there’s no better tool than Open Policy Agent.
During this talk, I’ll walk you through a high-level overview of why companies are adopting Policy-as-Code frameworks; then we’ll dive into what makes Open Policy Agent special. We’ll end the talk with some quick command line examples, followed by resources to get you started.
Notes
Hi Everyone!
I’m a new Denver transplant and looking to get involved with the DevOpsDays community! I’m also a community maintainer for the Open Policy Agent project. I can run this talk in many different ways ranging from workshop mode to a pure breakdown of the most common patterns in the Rego language. Happy rework this talk in any way that might be more beneficial for the community.
Cheers, Peter