How Open Policy Agent Works to Secure Cloud-Native Workloads
December 07, 2018 / Sean Michael Kerner
A core element of IT security is having proper policies in place that define what is and what isn't allowed for a given process or entity. In the cloud-native world, where there are multiple distributed elements that can live in different deployment modalities, the challenge of defining and implementing policy is nontrivial, but that's the challenge that the Open Policy Agent (OPA) project is looking to solve. In a session at the DockerCon Europe 2018 event in Barcelona, Spain, this week, Torin Sandall, software engineer at Strya, and Justin Cormack, software engineer at Docker, outlined how OPA can help to create and enforce security. "Apart from the very long list of policies there are, we have to deal with the fact that we're dealing with lots of different complicated systems, written in different languages and protocols, and the systems are changing really fast," Cormack said.