Centralized Policy-Based Access Control in a Distributed Microservice World with Open Policy Agent
28:04
This talk is targeted toward a more technical audience. Outline: •What is OPA •What Problems does it solve? •How can OPA be used in a Policy-Based Access Control architecture •Example live demo use cases Open Policy Agent (OPA) is a lightweight, distributed general-purpose policy engine supported by the Cloud Native Computing Foundation (CCNF). It can be used as a distributed Policy Decision Point (PDP) in any service or system and on any layer of the stack. Due to its decentralized and disconnected nature, it supports policy enforcement at scale in microservice and environments. In this talk, we’ll get an overview of OPA and how it works and then see real-world authorization examples of OPA enforcing centrally authored Policy-Based Access Control (PBAC) rules. (Architecture & Deployment, Access Control, Authorization, Security, Standards, Patrick Parker)