OPA
Open Policy Agent
Judgement: Adopt
General-purpose policy engine; mature Rego ecosystem.
General-purpose policy engine that decouples policy decisions from your services. Policies are written in Rego and evaluated at request time.
In a data mesh, OPA shows up wherever federated governance needs to enforce rules — access requests, contract gates in CI, infrastructure guard-rails — without putting the rules into application code.
Why it counts as a standard
Rego — the policy language OPA defines — has become the portable way to express authorization rules across cloud-native systems. Kubernetes admission control, service meshes, CI gates, and data-mesh governance all consume the same Rego policies. The language and the OPA evaluation API are the standard, with multiple compatible runtimes.
At a glance
- Category
- Policies
- Governance
- CNCF (Graduated)
- Status
- Stable; de-facto policy engine for cloud-native
- First released
- 2016
Links
Related standards
Other standards in Policies.
- ODRL — Open Digital Rights Language
See OPA in context
Open the interactive Data Landscape to compare OPA against every other open standard, or grab the raw JSON. Spotted something wrong? Open an issue.