policy-opa

Solid

Policy-as-code enforcement and compliance validation using Open Policy Agent (OPA). Use when: (1) Enforcing security and compliance policies across infrastructure and applications, (2) Validating Kubernetes admission control policies, (3) Implementing policy-as-code for compliance frameworks (SOC2, PCI-DSS, GDPR, HIPAA), (4) Testing and evaluating OPA Rego policies, (5) Integrating policy checks into CI/CD pipelines, (6) Auditing configuration drift against organizational security standards, (7) Implementing least-privilege access controls.

DevOps & Infrastructure 335 stars 29 forks Updated today

Quality Score: 85/100

Stars (20%): 84
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 80
License (10%): 0
Description (5%): 100

Skill Content

# Policy-as-Code with Open Policy Agent

## Overview

This skill enables policy-as-code enforcement using Open Policy Agent (OPA) for compliance validation, security policy enforcement, and configuration auditing. OPA provides a unified framework for policy evaluation across cloud-native environments, Kubernetes, CI/CD pipelines, and infrastructure-as-code.

Use OPA to codify security requirements, compliance controls, and organizational standards as executable policies written in Rego. Automatically validate configurations, prevent misconfigurations, and maintain continuous compliance.

## Quick Start

### Install OPA

```bash
# macOS
brew install opa

# Linux
curl -L -o opa https://openpolicyagent.org/downloads/latest/opa_linux_amd64
chmod +x opa

# Verify installation (on Linux, run ./opa unless the binary is on your PATH)
opa version
```

### Basic Policy Evaluation

```bash
# Evaluate a policy against input data
opa eval --data policy.rego --input input.json 'data.example.allow'

# Test policies with unit tests
opa test policy.rego policy_test.rego --verbose

# Run OPA server for live policy evaluation
opa run --server --addr localhost:8181
```

## Core Workflow

### Step 1: Define Policy Requirements

Identify compliance requirements and security controls to enforce:

- Compliance frameworks (SOC2, PCI-DSS, GDPR, HIPAA, NIST)
- Kubernetes security policies (pod security, RBAC, network policies)
- Infrastructure-as-code policies (Terraform, CloudFormation)
- Application security policies (API authorization, data access)
- Orga...

Details

Author
aiskillstore
Repository
aiskillstore/marketplace
Created
5 months ago
Last Updated
today
Language
Python
License
None

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

implementing-policy-as-code-with-open-policy-agent

This skill covers implementing Open Policy Agent (OPA) and Gatekeeper for policy-as-code enforcement in Kubernetes and CI/CD pipelines. It addresses writing Rego policies, deploying OPA Gatekeeper as a Kubernetes admission controller, testing policies in development, and integrating policy evaluation into deployment pipelines.

13,115 Updated today
mukul975
AI & Automation Featured

implementing-opa-gatekeeper-for-policy-enforcement

Enforce Kubernetes admission policies using OPA Gatekeeper with ConstraintTemplates, Rego rules, and the Gatekeeper policy library.

13,115 Updated today
mukul975
DevOps & Infrastructure Solid

opa-policies

Write OPA/Gatekeeper and Kyverno admission policies for Kubernetes security guardrails.

15 Updated today
sawrus
AI & Automation Listed

using-agentops

Meta skill explaining the AgentOps operating model. Hook-capable runtimes inject it at session start; Codex uses it through the explicit startup fallback. Covers bookkeeping, validation, primitives, flows, the RPI lifecycle, and the skill catalog.

375 Updated today
boshu2
Code & Development Listed

policy-drafter

Policy-drafting workflow for security policies — AUP, Incident Response Plan, Access Control, Data Classification, BCP, Change Management, Vendor Management, Crypto, and Remote Work. Structure with Purpose/Scope/Statement/Roles/Enforcement/Review, ISO 27001 Annex A.5 alignment, NL/EN drafting.

4 Updated 1 week ago
roodlicht