Room 2 

10:20 - 11:20 


Talk (60 min)

OPA everywhere! Exploring new opportunities in policy evaluation

A key factor in the success of OPA is the versatility of the tool. As a general purpose policy engine, the number of use cases are many— whether it’s Kubernetes admission control, application authorization, guardrails around your infrastructure, or something else entirely.

Application Security
Cloud Security
Security Tooling

This requires a flexible policy engine capable of making decisions on any type of data, but just as much, it needs to operate in any type of environment — from embedded to the cloud. In this presentation, we’ll explore compiling Rego into the new, low-level Intermediate Representation (IR) format, and the opportunities (and challenges!) provided by moving the policy decision point from an external component, and into our applications. We’ll take a closer look at the format of an evaluation plan, and what a simple evaluator implementation might look like. Can we run OPA anywhere and everywhere? Let’s find out!

Anders Eknert

Developer advocate at Styra with a long background in software development, security and identity systems in primarily distributed environments. When not in front of his computer he enjoys watching football, cooking and Belgian beers.