Skip to main content

Go Integrations

Projects using OPA as a Go module to implement policy-based functionality.

Regal

Regal

Regal is built using the Go Rego API. Regal evaluates linting rules defined in Rego against the Rego AST of policy files. The linter package is a good place to see how OPA is used in the project.

View Details
Rönd

Rönd

The Rönd sidecar uses the OPA Rego API to make API-access authorization decisions. See the OPA evaluator code.

View Details
Conftest

Conftest

Conftest is written in Go and uses the Rego Go API.

View Details
OPA Gatekeeper

OPA Gatekeeper

OPA Gatekeeper is written in Go and uses the Rego Go API to evaluate policies loaded from Custom Resources.

View Details
Topaz

Topaz

Topaz's Authorizer component makes use of the Rego API to evaluate policies to make authorization decisions for connected applications.

View Details
Dapr

Dapr

Dapr's contrib middleware include an OPA integration built on the Go API. This tutorial explains how to configure it.

View Details
dependency-management-data

dependency-management-data

dependency-management-data uses the Go Rego API to make it possible to write more complex rules around usages of Open Source and internal dependencies.

Example policies can be found in DMD's example project and provide an indication of some common use-cases.

View Details
Flipt

Flipt

Flipt's authorization feature uses the Go API to embed Open Policy Agent and evaluate authorization policies. These docs explain how it works.

View Details
Kubescape

Kubescape

Kubescape uses the Go Repo API to test Kubernetes objects against a range of posture controls.

View Details
Open Policy Registry

Open Policy Registry

Makes use of the OPA Repl package to interact with an OPA instance.

View Details
Pulumi

Pulumi

The Pulumi OPA bridge uses the Rego API to evaluate policies in a policy pack. View the docs and code.

View Details
Chef Automate

Chef Automate

Chef Automate uses the Go Rego API to evaluate authorization policies controlling access to its own API endpoints. The feature is documented here.

View Details
Container Signing, Verification and Storage in an OCI registry

Container Signing, Verification and Storage in an OCI registry

Cosign In-Toto attestations can be written in Rego, these are evaluated in the Cosign binary using the Go API.

View Details
Enterprise Contract

Enterprise Contract

The Enterprise Contract uses the OPA go library to process rego policies when validating the signatures and attestations of container images and other software artifacts.

View Details
Lula

Lula

Lula is written in Go and uses the Rego Go API to evaluate configuration for compliance against security controls.

View Details