
Kubernetes

Kubernetes Admission Control

Styra, Microsoft and Google

View a selection of projects and talks about integrating OPA with Kubernetes.

Styra Declarative Authorization Service

Policy as Code Control Plane by Styra

Styra DAS has native support for mutating and validating Kubernetes at admission time via a prebuilt ‘system-type’; this is documented here.

Fairwinds Insights Configuration Validation Software

Fairwinds

Implements auditing and admission checking of Kubernetes resources with Rego policy, using Polaris.

OPA Gatekeeper

Rego Policy Controller for Kubernetes

OPA Gatekeeper integrates with Kubernetes Admission and also uses Custom Resources and the Kubernetes API server to store policy state.

Kubernetes Authorization

Styra

View an example project showing how it’s possible to integrate OPA with Kubernetes User Authorization.

Spacelift

Spacelift

Spacelift supports Rego as a language to describe policies for various resource types, including Kubernetes. View the policy documentation for more information.

Kubernetes Admission Control using Vulnerability Scanning

This example project in OPA contrib uses OPA to enforce admission policy in Kubernetes.

GKE Policy Automation

Google

The GKE Policy Automation project provides a set of policies for validating Kubernetes clusters running on GKE. Review the policy library here.

KubeShield

Secure Kubernetes using eBPF & Open Policy Agent

KubeShield implements runtime policy for containers in a Kubernetes cluster using eBPF. Follow the tutorial here to get up and running.

ccbr

Implements the CIS benchmark using Rego for Kubernetes workloads.

Integrations are ordered by the amount of linked content.

Do you have an OPA-based project or integration to share? Follow these instructions to get it listed or go to the #ecosystem channel in the OPA Slack if you have any questions.