OPA Ecosystem / Kubernetes


Kubernetes Admission Control

Styra, Microsoft and Google

View a selection of projects and talks about integrating OPA with Kubernetes.
View Kubernetes Admission Control Details

Styra Declarative Authorization Service

Policy as Code Control Plane by Styra

Styra DAS has native support for mutating and validating Kubernetes at admission time via a prebuilt ‘system-type’, this is documented here.
View Details

Fairwinds Insights Configuration Validation Software


Implements auditing and admission checking of Kubernetes resources using Rego policy using Polaris.
View Details

OPA Gatekeeper

Rego Policy Controller for Kubernetes

OPA Gatekeeper integrates with Kubernetes Admission and also uses Custom Resources and the Kubernetes API server to store policy state.
View OPA Gatekeeper Details

Kubernetes Authorization


View an example project showing how it’s possible to integrate OPA with Kubernetes User Authorization.
View Kubernetes Authorization Details



Spacelift supports Rego as a language to describe policies for various resource types, including Kubernetes. View the policy documentation for more information.
View Spacelift Details

Kubernetes Admission Control using Vulnerability Scanning

This example project in OPA contrib uses OPA to enforce admission policy in Kubernetes.
View Details

GKE Policy Automation


The GKE Policy Automation project provides a set of policies for validating Kubernetes clusters running on GKE. Review the policy library here
View GKE Policy Automation Details


Secure Kubernetes using eBPF & Open Policy Agent

KubeShield implements runtime policy for containers in a Kubernetes cluster using eBPF. Follow the tutorial here to get up and running.
View KubeShield Details
Implements the CIS benchmark using Rego for Kubernetes workloads.
View ccbr Details

Integrations are ordered by the amount of linked content.

Do you have an OPA-based project or integration to share? Follow these instructions to get it listed or go to the #ecosystem channel in the OPA Slack if you have any questions.