Enabling authorization policies across disparate cloud-native environments such as containers, microservices and modern application delivery infrastructure is complex and can be a roadblock for software engineering teams.
Open Policy Agent, or OPA, is an open, declarative, policy-as-code approach to authorization that reduces security and compliance burden for engineering teams. Business context is translated into declarative policy statements. These policy statements are compiled into code and deployed as agents that can be injected into any process, such as an API gateway, Kubernetes provisioning service, public cloud access controls, or continuous delivery automation service.
Styra created and contributed OPA to the Cloud Native Computing Foundation where it is a graduated project with over 130M downloads to date and is used by large companies. Styra’s enterprise commercial offering, Declarative Authorization Service (DAS), is specifically designed for OPA and includes the ability to author policies, preview impacts of new policies, and document the history of old policies, all through a single view.
Tim Hinricks, CTO and founder of Styra, joins the show today to discuss how to make authorization policies easier to author, distribute, and monitor.
One note of disclosure to be aware of: Styra is a portfolio company of Capital One Ventures, the strategic investing arm of Capital One. Views and questions expressed in this podcast and related material are my own, or those of my guest, and do not reflect the views of Capital One Ventures or its respective affiliates.
FOLLOW Jocelyn: twitter.com/jocelynbyrne
Sponsorship inquiries: sponsor@softwareengineeringdaily.com
The post Cloud-native Authorization with Tim Hinrichs appeared first on Software Engineering Daily.
