Bug#1088230: ITP: golang-github-open-policy-agent-opa -- Open Policy Agent (OPA) is an open source, general-purpose policy engine.

To: submit@bugs.debian.org
Subject: Bug#1088230: ITP: golang-github-open-policy-agent-opa -- Open Policy Agent (OPA) is an open source, general-purpose policy engine.
From: Simon Josefsson <simon@josefsson.org>
Date: Mon, 25 Nov 2024 14:33:49 +0100
Message-id: <[🔎] 877c8r4ev6.fsf@kaka.sjd.se>
Reply-to: Simon Josefsson <simon@josefsson.org>, 1088230@bugs.debian.org

Package: wnpp
Severity: wishlist
Owner: Simon Josefsson <simon@josefsson.org>

* Package name : golang-github-open-policy-agent-opa
Version : 0.70.0-1
Upstream Author : Open Policy Agent
* URL : https://github.com/open-policy-agent/opa
* License : Apache-2.0
Programming Lang: Go
Description : Open Policy Agent (OPA) is an open source, general-purpose policy engine.

Open Policy Agent (OPA) is an open source, general-purpose policy engine
that enables unified, context-aware policy enforcement across the entire
stack.
.
How does OPA work?
.
OPA gives you a high-level declarative language to author and enforce
policies across your stack.
.
With OPA, you define *rules* that govern how your system should behave.
These rules exist to answer questions like:
.
* Can user X call operation Y on resource Z?
* What clusters should workload W be deployed to?
* What tags must be set on resource R before it's created?
.
You integrate services with OPA so that these kinds of policy decisions
do not have to be *hardcoded* in your service. Services integrate with
OPA by executing *queries* when policy decisions are needed.
.
When you query OPA for a policy decision, OPA evaluates the rules and
data (which you give it) to produce an answer. The policy decision is
sent back as the result of the query.
.
For example, in a simple API authorization use case:
.
* You write rules that allow (or deny) access to your service APIs.
* Your service queries OPA when it receives API requests.
* OPA returns allow (or deny) decisions to your service.
* Your service *enforces* the decisions by accepting or rejecting
requests accordingly.
.
For concrete examples of how to integrate OPA with systems like
Kubernetes (https://www.openpolicyagent.org/docs/kubernetes-admission-
control.html), Terraform
(https://www.openpolicyagent.org/docs/terraform.html), Docker
(https://www.openpolicyagent.org/docs/docker-authorization.html), SSH
(https://www.openpolicyagent.org/docs/ssh-and-sudo-authorization.html), and
more, see openpolicyagent.org (https://www.openpolicyagent.org).

I hope to maintain this package as part of Debian Go Packaging Team:

https://salsa.debian.org/go-team/packages/golang-github-open-policy-agent-opa

/Simon

Attachment: signature.asc
Description: PGP signature

Reply to:

Prev by Date: Bug#1088229: ITP: python-json-schema-for-humans -- quickly generate HTML documentation from a JSON schema
Next by Date: Re: Misc Developer News (#60)
Previous by thread: Bug#1088229: ITP: python-json-schema-for-humans -- quickly generate HTML documentation from a JSON schema
Next by thread: Re: GnuPG 2.4 before Trixie freeze
Index(es):
- Date
- Thread