10:20 - 11:20
Talk (60 min)
OPA everywhere! Exploring new opportunities in policy evaluation
A key factor in the success of OPA is the versatility of the tool. As a general purpose policy engine, the number of use cases are many— whether it’s Kubernetes admission control, application authorization, guardrails around your infrastructure, or something else entirely.
This requires a flexible policy engine capable of making decisions on any type of data, but just as much, it needs to operate in any type of environment — from embedded to the cloud. In this presentation, we’ll explore compiling Rego into the new, low-level Intermediate Representation (IR) format, and the opportunities (and challenges!) provided by moving the policy decision point from an external component, and into our applications. We’ll take a closer look at the format of an evaluation plan, and what a simple evaluator implementation might look like. Can we run OPA anywhere and everywhere? Let’s find out!