Kubernetes provides a built-in access control system called RBAC – Role-Based Access Control, that allows limiting access to specific resources. For a modern enterprise with cross-functional DevOps teams restricting access to the whole resource is not an option. This is where OPA comes to the rescue, as when installed as an admission webhook it allows to create very granular policies for manifests contents and configuration. In this presentation, Adam will show examples of the policies configuration with a focus on Rego, the language used by Open Policy Agent for writing policies.
Solution Architect and Head of Automotive R&D