Hands-On with OPA policies
To start with, I will share few details on how we approached OPA as a candidate technology for a revamp we have been doing. We had different authorization use cases coming from different applications which were depending on different data models and with some level of similarities as well. On the other hand we had a requirement to unify all these authorization use cases into one place and to use one technology, in a journey towards the goal of enforcing antitrust laws by design and to have the obvious benefits of maintenance and building in-house expertise. Open Policy Agent(OPA) was already available as the technology to start with and we started evaluating the transition from two fronts.
- Building OPA expertise and have hands-on experience on how it works and what it is capable of.
- Gather the use cases and data model details to derive few common patterns that can be evaluated in a PoC.
As part of the 2nd point we isolate 3 main patterns which I will share here along with the policy we came up with which can act as a template for few of the use cases.
