How Open Policy Agent Works to Secure Cloud-Native Workloads

core element of IT security is the need to have proper policies in place that define what is and what isn’t allowed for a given process or entity.

In the cloud-native world, where there are multiple distributed elements that can live in different deployment modalities, the challenge of defining and implementing policy is non-trivial, but that’s the challenge that the Open Policy Agent (OPA) project is looking to solve. In a session at the Dockercon Europe 2018 event in Barcelona, Spain, Torin Sandall, software engineer at Strya and Justin Cormack, software engineer at Docker, outlined how OPA can help to create and enforce security.