Open Policy Agent
The Open Policy Agent (OPA) is an open source and generic engine that can be used to enforce uniform and context-aware policies across the entire technology stack.
While from a security point of view the use of a central authorization component seems to make sense at first, this is often difficult to implement in a decentralized microservice landscape in reality and leads to more disadvantages than advantages.
In the workshop, the Open Policy Agent and its deployment scenarios will be explained so that, building on this, authorization rules for microservices or web applications can be designed in the “rego” language.
- Introduction and implications of missing authorization
- Contexts in mircoservices
- How OPA works
- Deployment scenarios such as Kubernetes Adminssion Controller and authorization in web applications
- Hands-on exercises
Timo Pagel incorporates his knowledge from over 20 years in operations and development into his trainings. As a DevSecOps consultant, he not only advises at the strategic level but also lends a hand.