In traditional systems, policies had to be tightly coupled and hardcoded. Conventionally, both the policy definition and the policy enforcement were embedded into the application logic. Policies had to be defined individually for every single platform and application using different policy languages, policy models, and policy APIs. So, policy-based access management was a hectic procedure for developers as well as for administrators when organizations moved into distributed applications, microservices, Kubernetes, and cloud-native technologies.
As a solution, Open Policy Agent (OPA) was introduced as a general purpose policy engine that can be used in applications and centrally managed.
This article goes through the ‘ABC’s in Open Policy Agent and basics in integrating OPA with Cloud Native Technologies.