Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

awesome-opa

A curated list of OPA related tools, frameworks and articles
https://github.com/StyraInc/awesome-opa

Last synced: 3 days ago
JSON representation

  • Official projects

    • Blogs and Articles

      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • Logo - The OPA Logo in different versions
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project
      • OPA - Official blog for the OPA project

    • Docs

      • OPA - Official OPA documentation
      • Styra Academy - Excellent OPA training courses
      • Gatekeeper - OPA Gatekeeper docs
      • Conftest - Conftest documentation
      • Regal Docs - Documentation for 60+ linter rules, providing an excellent reference for learning Rego
      • Rego Style Guide - Style guide for Rego, providing pointers on best practices for policy authoring

    • Repositories

      • OPA - Open Policy Agent Github repository
      • Conftest - Write tests against structured configuration data

  • Infrastructure as Code

  • Serverless

  • People

    • Meetup Groups

    • Maintainers

      • @open-policy-agent - Official OPA account 🌎 ([Twitter](https://twitter.com/OpenPolicyAgent))
      • @tsandall - Torin Sandall πŸ‡¨πŸ‡¦ - OPA co-creator ([Twitter](https://twitter.com/sometorin))
      • @timothyhinrichs - Tim Hinrichs πŸ‡ΊπŸ‡Έ - OPA co-creator ([Twitter](https://twitter.com/tlhinrichs))
      • @ashutosh-narkar - Ash Narkar πŸ‡ΊπŸ‡Έ - OPA maintainer ([Twitter](https://twitter.com/ashtalk))
      • @johanfylling - Johan Fylling πŸ‡ΈπŸ‡ͺ - OPA maintainer ([Mastodon](https://hachyderm.io/@johanfylling), [Twitter](https://twitter.com/johanfylling))
      • @philipaconrad - Philip Conrad πŸ‡ΊπŸ‡Έ - OPA maintainer ([Twitter](https://twitter.com/philip_conrad))
      • @anderseknert - Anders Eknert πŸ‡ΈπŸ‡ͺ - OPA developer advocate ([Mastodon](https://hachyderm.io/@anderseknert), [Twitter](https://twitter.com/anderseknert))
      • @charlieegan3 - Charlie Egan πŸ‡¬πŸ‡§ - OPA developer advocate ([Mastodon](https://hachyderm.io/@charlieegan3), [Twitter](https://twitter.com/charlieegan3))
      • @ritazh - Rita Zhang πŸ‡ΊπŸ‡Έ - Gatekeeper maintainer ([Mastodon](https://hachyderm.io/@ritazh), [Twitter](https://twitter.com/ritazzhang))
      • @sozercan - SertaΓ§ Γ–zercan πŸ‡ΊπŸ‡Έ - Gatekeeper maintainer ([Mastodon](https://hachyderm.io/@[email protected]), [Twitter](https://twitter.com/sozercan))
      • @jpreese - John Reese πŸ‡ΊπŸ‡Έ - Conftest maintainer ([Mastodon](https://hachyderm.io/@jpreese), [Twitter](https://twitter.com/johnpreese))
      • @jpreese - John Reese πŸ‡ΊπŸ‡Έ - Conftest maintainer ([Mastodon](https://hachyderm.io/@jpreese), [Twitter](https://twitter.com/johnpreese))
      • @jpreese - John Reese πŸ‡ΊπŸ‡Έ - Conftest maintainer ([Mastodon](https://hachyderm.io/@jpreese), [Twitter](https://twitter.com/johnpreese))

    • Community Stars

      • @Parsifal-M - Peter Macdonald πŸ‡¬πŸ‡§ - OPA contributor and active community member ([Mastodon](https://hachyderm.io/@parcifal), [Twitter](https://twitter.com/_PeterM_))
      • @m-mizutani - Masayoshi Mizutani πŸ‡―πŸ‡΅ - Security engineer. Prolific OPA & Rego advocate ([Twitter](https://twitter.com/m_mizutani))
      • @RoyOsaki - Roy Hiroyuki OSAKI πŸ‡ΊπŸ‡Έ - Research engineer. OPA community contributor ([Twitter](https://twitter.com/Hiroyuki_OSAKI))
      • @developer-guy - Batuhan Apaydin πŸ‡ΉπŸ‡· - OPA and many CNCF projects ([Mastodon](https://hachyderm.io/@developerguy), [Twitter](https://twitter.com/developerguyba))
      • @nmeisenzahl - Nico Meisenzahl πŸ‡©πŸ‡ͺ - All about OPA and cloud native topics ([Mastodon](https://fosstodon.org/@nmeisenzahl), [Twitter](https://twitter.com/nmeisenzahl))
      • @jaspervdj - Jasper Van der Jeugt πŸ‡¨πŸ‡­ - OPA contributor ([Mastodon](https://functional.cafe/@jaspervdj), [Twitter](https://github.com/jaspervdj-luminal))
      • @willbeason - Will Beason πŸ‡ΊπŸ‡Έ - Ex Gatekeeper maintainer ([Mastodon](https://functional.cafe/@[email protected]), [Twitter](https://twitter.com/willbeason))
      • @peteroneilljr - Peter O'Neill 🌎 - Ex OPA community advocate ([Mastodon](https://hachyderm.io/@Peteroneilljr), [Twitter](https://twitter.com/peteroneilljr))
      • @antonioberben - Antonio Berben πŸ‡ͺπŸ‡Έ - OPA Contributor & Blogger ([Twitter](https://twitter.com/antonioberben))
      • @Parsifal-M - Peter Macdonald πŸ‡¬πŸ‡§ - OPA contributor and active community member ([Mastodon](https://hachyderm.io/@parcifal), [Twitter](https://twitter.com/_PeterM_))
      • @m-mizutani - Masayoshi Mizutani πŸ‡―πŸ‡΅ - Security engineer. Prolific OPA & Rego advocate ([Twitter](https://twitter.com/m_mizutani))
      • @RoyOsaki - Roy Hiroyuki OSAKI πŸ‡ΊπŸ‡Έ - Research engineer. OPA community contributor ([Twitter](https://twitter.com/Hiroyuki_OSAKI))
      • @developer-guy - Batuhan Apaydin πŸ‡ΉπŸ‡· - OPA and many CNCF projects ([Mastodon](https://hachyderm.io/@developerguy), [Twitter](https://twitter.com/developerguyba))
      • @jaspervdj - Jasper Van der Jeugt πŸ‡¨πŸ‡­ - OPA contributor ([Mastodon](https://functional.cafe/@jaspervdj), [Twitter](https://github.com/jaspervdj-luminal))
      • @peteroneilljr - Peter O'Neill 🌎 - Ex OPA community advocate ([Mastodon](https://hachyderm.io/@Peteroneilljr), [Twitter](https://twitter.com/peteroneilljr))
      • @antonioberben - Antonio Berben πŸ‡ͺπŸ‡Έ - OPA Contributor & Blogger ([Twitter](https://twitter.com/antonioberben))
      • @Parsifal-M - Peter Macdonald πŸ‡¬πŸ‡§ - OPA contributor and active community member ([Mastodon](https://hachyderm.io/@parcifal), [Twitter](https://twitter.com/_PeterM_))
      • @m-mizutani - Masayoshi Mizutani πŸ‡―πŸ‡΅ - Security engineer. Prolific OPA & Rego advocate ([Twitter](https://twitter.com/m_mizutani))
      • @developer-guy - Batuhan Apaydin πŸ‡ΉπŸ‡· - OPA and many CNCF projects ([Mastodon](https://hachyderm.io/@developerguy), [Twitter](https://twitter.com/developerguyba))
      • @jaspervdj - Jasper Van der Jeugt πŸ‡¨πŸ‡­ - OPA contributor ([Mastodon](https://functional.cafe/@jaspervdj), [Twitter](https://github.com/jaspervdj-luminal))
      • @antonioberben - Antonio Berben πŸ‡ͺπŸ‡Έ - OPA Contributor & Blogger ([Twitter](https://twitter.com/antonioberben))

  • Language and Platform Integrations

    • Python

      • regopy - Python module which uses the C FFI for rego-cpp, allowing in-process Pythonic Rego policy evaluation
      • OPA Python - Python client library for Open Policy Agent
      • OPA Python client - Python client for OPA's REST API
      • Flask OPA - OPA client for the Flask microframework
      • Bottle Authorization - Custom Bottle Application Authorization
      • Rego Python - Python package for interacting with Rego
      • Sphinx Rego - Sphinx extension that automatically documents Rego policies
      • regorus - Evaluate Rego policies in Python using Regorus, a fast, lightweight Rego interpreter written in Rust.

    • Go

    • Rust

      • regorust - Rust crate wrapping the C FFI for rego-cpp, allowing in-process Rego policy evaluation using idiomatic Rust.
      • regorus - A fast, lightweight Rego interpreter written in Rust. In addition to bringing the power of Rego to Rust-only environments, it is intended as a platform for developing Rego tools and exploring Rego language enhancements.

    • Java

    • PHP

      • OPA Library for PHP - OPA client, a PSR-15 authorization middleware and a PSR-15 bundle distributor middleware

    • .NET

      • Styra C# SDK - C# SDK for interacting with OPA ([documentation](https://docs.styra.com/sdk))
      • ASP.NET Core - ASP.NET Core authorization middleware
      • OpaDotNet.Extensions.AspNetCore - ASP.NET Core authorization infrastructure
      • regorus - C# bindings to Regorus, a fast, lightweight Rego interpreter written in Rust.

    • Node.js

    • Clojure

      • Jarl - Native evaluation of Rego in the JVM (written in Clojure), via OPA's IR format ([blog](https://blog.openpolicyagent.org/i-have-a-plan-exploring-the-opa-intermediate-representation-ir-format-7319cd94b37d))
      • clj-opa - Middleware and utilities for app authorization with OPA in Clojure

    • Docker

    • Containers

      • Konveyor Forklift Validation Service - VM migration suitability assessment to avoid migrating VMs that are not fit for Kubevirt. Rules are applied on all the VMs of the source provider (VMware) during the initial inventory collection, then whenever a VM configuration changes.

    • CPP

      • rego-cpp - Rego compiler and runtime implemented in C++. It provides a C FFI with Rust and Python bindings in addition to an extensible C++ implementation.
      • regorus - C++ bindings to Regorus, a fast, lightweight Rego interpreter written in Rust.

    • Typescript

  • WebAssembly (Wasm)

    • WebAssembly Blogs and Articles

      • Enforce policies in the browser with Open Policy Agent - _first_ article in a series of three covering why and how to reuse backend Policy-as-Code in the browser.
      • Reuse Policy as Code β€” stay DRY - _second_ article in a series of three covering why and how to reuse backend Policy-as-Code in the browser. This article focus on Rego and HOW
      • OPA & Angular: Policy-as-Code in the browser - _third_ article in a series of three covering why and how to reuse backend Policy-as-Code in the browser. Angular Proof of Concept based on article 1 & 2.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.
      • Rego on WebAssembly - original OPA Wasm support blog post which summarizes how OPA's Wasm functionality works.

    • Docs

      • Wasm - Official docs on WebAssembly for OPA

    • Built with Wasm

      • OPA Wasm demo - Demonstration of evaluating OPA's Wasm modules in the browser
      • Snyk CLI - Test Infrastructure as Code source code for security misconfigurations and best practices in the local console. The npm-opa-wasm library is used to run WASM bundle of Rego policies to detect misconfiguration.
      • Snyk CLI - Test Infrastructure as Code source code for security misconfigurations and best practices in the local console. The npm-opa-wasm library is used to run WASM bundle of Rego policies to detect misconfiguration.
      • regorus - Evaluate Rego policies in WASM using Regorus. Try it out at [Regorus Playground](https://anakrish.github.io/regorus-playground/).

    • Typescript

      • NPM module - a small SDK for using WebAssembly compiled Open Policy Agent Rego policies
      • .NET Core Library - .NET SDK for calling Wasm-compiled OPA policies from .NET Core
      • OpaDotNet - Open Policy Agent (OPA) WebAssembly dotnet core SDK
      • OpaDotNet.Compilation - dotnet core backend for packaging Open Policy Agent Rego policies and data files into WASM policy bundles
      • Python Library - Open Policy Agent WebAssembly SDK for Python
      • JVM - Java SDK for calling Wasm-compiled policies. Uses wasmtime.
      • Rust - A crate to use OPA policies compiled to Wasm.
      • Go SDK - a small Go library for using WebAssembly compiled Open Policy Agent Rego policies

  • Kubernetes

  • Datasource Integrations

    • Blogs and Articles

      • Elasticsearch - OPA-Elasticsearch Data Filtering Example
      • Strimzi - Kafka in kubernetes, with built-in support for OPA as authorizer
      • Inspektor - Access Control as Code for databases using OPA to make its access decision
      • Alluxio - Alluxio is a data orchestration tool which allows [delegating access control decisions to OPA](https://docs.alluxio.io/ee/user/2.10.0/en/security/OpenPolicyAgent-Integration.html)
      • Kafka Authorizer - Kafka authorizer plugin using OPA, with example policies
      • OPA Single Message Transformer - Single Message Transformer for Kafka. Uses OPA to choose which records to filter out based on policy.
      • Data Filtering on Spring Data - Data filtering for MongoDB and JPA using OPA
      • Google Calendar - Integrating OPA with the Google Calendar API
      • Trino OPA Authorizer - Plugin for Trino that allows using OPA for authorization

    • Datasource Integrations Blogs and Articles

  • IDE and Editor Integrations

    • Datasource Integrations Blogs and Articles

      • VS Code plugin - Develop, test, debug, and analyze policies for OPA in VS Code
      • Atom - Syntax highlighting for the Atom editor
      • TextMate - Syntax highlighting for TextMate
      • Sublime - Syntax highlighting for Sublime
      • Prism - Prism is a lightweight, extensible syntax highlighter, built with modern web standards in mind (supports Rego)
      • IntelliJ plugin - OPA plugin for the IntelliJ IDE
      • Zed Extension - Zed extension for OPA and Rego leveraging [Regal](https://docs.styra.com/regal)
      • Emacs - Emacs Major mode for working with Rego
      • Vim - Vim plugin for the Rego language, with support for syntax highlighting
      • Null-ls - Use Neovim as a language server to inject LSP diagnostics, code actions, and more. Supports linting rego files.
      • CodeMirror - Rego mode and minimal key map for [CodeMirror](https://codemirror.net/)
      • Nano - Syntax highlighting for Nano
      • tree-sitter-rego - Tree-sitter grammar for Rego ([blog](https://decodeapps.pp.ua/blog/post/rego-treesitter))

  • Testing

    • Serverless Blogs and Articles

      • gator CLI - Command line unit test runner for OPA Gatekeeper
      • rego-test-assertions - Helper library for working with assertions in Rego unit tests
      • kube-review - CLI tool to quickly create [AdmissionReview](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/) requests from Kubernetes resources
      • ocov - Colors `opa test --coverage` reports in the terminal
      • opa-codecov - Convert OPA test coverage report to a JSON format supported by Codecov
      • github-action-opa-rego-test - GitHub Action to automate testing for your OPA Rego policies and generates a report.

    • Testing Blogs and Articles

  • Support and Community

    • Serverless Blogs and Articles

    • Testing Blogs and Articles

      • Styra - Commercial support, and tools for managing OPA at scale, by the creators of OPA
      • Stack Overflow - Stack Overflow OPA section

  • Commercial Tools

    • Meetup Groups

      • Styra DAS - Styra Declarative Authorization Service, from the creators of OPA
      • Enterprise OPA - Enterprise-grade authorization engine for data-heavy workloads
      • Scalr - Collaboration and Automation for Terraform, backed by OPA
      • Fairwinds Insights - Run OPA policies consistently across CI/CD, Admission Control, and an multi-cluster scanner
      • Snyk IaC - Test Infrastructure as Code source code repositories for security misconfigurations and best practices. The OPA golang libraries are used to evaluate Rego policies to detect misconfigurations in the repositories.
      • Spacelift
      • env0
      • Styra DAS - Styra Declarative Authorization Service, from the creators of OPA
      • Enterprise OPA - Enterprise-grade authorization engine for data-heavy workloads
      • Scalr - Collaboration and Automation for Terraform, backed by OPA
      • Fairwinds Insights - Run OPA policies consistently across CI/CD, Admission Control, and an multi-cluster scanner
      • Snyk IaC - Test Infrastructure as Code source code repositories for security misconfigurations and best practices. The OPA golang libraries are used to evaluate Rego policies to detect misconfigurations in the repositories.
      • Spacelift
      • env0

  • Community

  • Policy Packages

    • Blogs and Articles

      • Library - Community-owned policy library for OPA
      • Policy Hub CLI - CLI tool that makes Rego policies searchable
      • Appshield - Open Database of rego policies for common Infrastructure as Code files
      • Conftest policy packs - Collection of Conftest policies for "Compliance-as-Code" security policies and general engineering standards. Policies targeting Terraform, Dockerfiles, package.json (NodeJS) files, etc
      • Confectionary - A library of rules for Conftest used to detect Terraform misconfigurations.
      • Kubernetes Security Policies - Raspernetes library for fortifying cluster configurations
      • Kubescape Rego library - Comprehensive set of Kubernetes policies from Kubescape

  • Nomad

    • Blogs and Articles

      • Nomad Admission Control Proxy - An admission controller that can be used as a proxy to Nomad's API for mutation and validation with builtin OPA support.

  • Tools and Utilities

    • Testing Blogs and Articles

      • Regal - Regal is a linter for Rego, with the goal of making your Rego magnificent! ([blog](https://www.styra.com/blog/guarding-the-guardrails-introducing-regal-the-rego-linter/))
      • setup-opa - GitHub action to configure the Open Policy Agent CLI in your GitHub Actions workflows
      • Fregot - Alternative REPL implementation for Rego
      • OPA pre-commit - Pre-commit hooks for OPA/Rego/Conftest development
      • Monitor OPA Gatekeeper - Monitoring implementation guide for OPA Gatekeeper ([blog](https://sysdig.com/blog/monitor-gatekeeper-prometheus/))
      • OpenAPI to Rego - Generate Rego code given an OpenAPI 3.0 Specification
      • Temporal reasoning with OPA - Examples for working with time in Rego
      • OPAL - Realtime policy and data updates for your OPA agents on top of websockets pub/sub
      • OPA Action - OPA Pull-Request Assessor is a GitHub Action that checks files against policies configured in the same repo
      • OPA Schema Examples - Examples of extending the OPA type checker with JSON [schemas](https://www.openpolicyagent.org/docs/latest/schemas/)
      • Open Policy Containers - Secure software supply chains for OPA policies. Push, pull, tag, test, version, and sign OPA policies.
      • Snyk IaC Rules - Maintain library of Rego rules, run integration tests and build WASM bundles for distribution of rules. The OPA libraries are used to build WASM bundles.
      • Topaz - Topaz is an open-source application authorization project that uses OPA as the decision engine and supports Rego policies.
      • opactl - A simple tool to turn your Rego rule into CLI command ([blog](https://itnext.io/implement-a-policy-and-use-it-in-cli-de906237c6ab))
      • alfred - A self-hosted OPA Playground Alternative
      • RΓΆnd - RΓΆnd is a lightweight container that distributes security policy enforcement throughout your application
      • opa-explorer - Visual tool for exploring the different compilation stages of the OPA topdown compiler
      • mcov - A tool that'll check your Rego source files and report the minimum compatible OPA version required
      • rq (Rego Query) - jq-inspired tool to bring Rego to your shell pipelines

    • Serverless Blogs and Articles

  • Other Usecases

    • Testing Blogs and Articles

      • SansShell - A non-interactive daemon for host management, where any action is authorized by OPA
      • goast - Go AST (Abstract Syntax Tree) based static analysis tool using Rego
      • Reposaur - Audit, verify and report on development platforms (GitHub and others) easily with pre-defined and/or custom policies.

  • Fun and Quirky

Programming Languages
Go 28 Open Policy Agent 16 Python 9 Java 8 C# 5 TypeScript 4 Shell 2 JavaScript 2 Clojure 2 C++ 2
Categories
Official projects 69 Infrastructure as Code 61 WebAssembly (Wasm) 50 Serverless 49 People 43 Language and Platform Integrations 35 Kubernetes 33 Tools and Utilities 20 Commercial Tools 14 IDE and Editor Integrations 13 Datasource Integrations 11 Recommended Reading 9 Testing 7 Policy Packages 7 Support and Community 4 Fun and Quirky 4 Other Usecases 3 Community 2 Nomad 1
Sub Categories
Blogs and Articles 92 Serverless Blogs and Articles 57 Infrastructure as Code Blogs and Articles 51 Testing Blogs and Articles 38 WebAssembly Blogs and Articles 37 Datasource Integrations Blogs and Articles 26 Meetup Groups 25 Community Stars 21 Built with Wasm 19 Maintainers 13 Typescript 9 Python 8 Docs 7 Java 6 .NET 4 Service Mesh Authorization 4 Go 4 Docker 3 Clojure 2 CPP 2 Rust 2 Repositories 2 Containers 1 Node.js 1 PHP 1
Keywords
opa 43 rego 24 open-policy-agent 20 security 14 openpolicyagent 13 kubernetes 13 authorization 12 policy 11 conftest 7 policy-as-code 7 gatekeeper 6 golang 5 go 4 compliance 4 devsecops 4 cloud-native 4 security-tools 3 infrastructure-as-code 3 iac 3 docker 3 vulnerability-detection 3 policies 3 admission-controller 3 spring-security 2 open-policy-agent-python 2 python 2 vulnerability-scanners 2 validation 2 testing 2 authorization-middleware 2 mutation 2 k8s 2 devops 2 nodejs 2 terraform 2 aws 2 lsp 2 dotnet-core 2 code-quality 2 wasm 2 rbac 2 java 2 github-actions 2 cncf 2 declarative 2 container-cop 1 deno 1 browser 1 forklift 1 opa-rego-policies 1