OPA! Oversight for Terraform 0.12 Workflows

Erin Atkinson of Hashicorp, Devops Meetup June 10, 2019

What is OPA?

https://www.openpolicyagent.org/docs/v0.10.7/

OPA is a lightweight general-purpose policy engine that can be co-located with your service. You can integrate OPA as a sidecar, host-level daemon, or library.

Services offload policy decisions to OPA by executing queries. OPA evaluates policies and data to produce query results (which are sent back to the client). Policies are written in a high-level declarative language and can be loaded into OPA via the filesystem or well-defined APIs.