Description
What is Open Policy Agent (OPA)? And what can someone do with it? These are some of the questions that episode 57 of the Full Stack Journey podcast tackles. In this episode, Scott is joined by Diego Comas (@diegocomas on Twitter), a user/consumer of OPA, to discuss his direct experience in using OPA in real production environments. (Diego also has a blog focused on cloud-native security, but he freely admits that it needs to be updated.)
Additionally, Scott and Diego discussed things like:
* What was the hardest part about using OPA?
* What is Rego, and what are some good resources for learning to use Rego?
* What are some of the benefits of using OPA instead of multiple, more specialized point solutions?
This episode of full of “lessons learned” and practical information on putting OPA to work in an environment!
Sponsor: Subspace
Subspace is your network provider for real-time applications. Subspace uses its own global network and intelligent routing algorithms to make sure your traffic takes the lowest-latency path between two points, with excellent jitter and drop performance when compared to the public Internet. Accelerate your applications at get.subspace.com/network.
Show Notes:
Open Policy Agent
Styra
Rego language documentation
Gatekeeper
Konstraint
Conftest
The conftest GitHub repository
Rego Playground
Rego plugin for VS Code (vscode-opa)
Yubico presentation about Rego, OPA, Conftest, Artifact Hub – Event page including links and presentation transcript – Enabling Autonomous Teams With Policy Enforcement at Yubico – Slides
Open Policy Agent – Deep dive – Video
How Pinterest Manages Policy Distribution – Video
Deploying OPA at Atlassian – Video
Forseti Security – OPA policies
Kyverno
The Full Stack Journey is coming to an end. After five years and more than 80 episodes of deeply technical conversations about technologies, tools, and career journeys, this is the final episode of the series. In this show, with guest Drew Conry-Murray, I reflect on my time hosting the podcast,...
Published 10/31/23
All the way back in episode 41—published in April 2020—we discussed Talos Linux, a “fit-for-purpose OS” designed for running Kubernetes. Three years later, Andrew Rynhard joins Scott for another journey into the world of Talos Linux.
Andrew answers a bunch of questions about Talos Linux and...
Published 09/19/23