En lieu of the current covid situation we kindly ask you to come PCR tested or vaccinated or, better yet, both. Please go to Schönbrunnerstraße 7 to show your valid testing or vaccination certificate and register in order to be able to come to the event at Schönbrunnerstraße 13.
Hi everyone,
It is our pleasure to announce another meetup just right before the summer, organized by Posedio, styra and cncv, hosted by TTTech . Not only do we collaborate with three disctinct technology expert companies this time, we also managed to bring Anders Eknert to Vienna to talk about Policy-based control for cloud native environments, what issues it solves and how we can leverage OPA to implement it.
Damjan Gjurovski - Enforcing policies everywhere - from the database to the service mesh
Application development in the cloud-native context can get complex quickly. Since modern applications are built on top of layers, it can be challenging to ensure no policy violations get through our enforcement efforts at any point in the stack. In this talk we will take a look at how OPA can be used at different levels of the tech stack to enforce a common policy throughout the application. We will secure our application at the database level, we will plug-in to the application itself and enforce policies at the service mesh. We will finally make sure our deployments follow the companies guidelines by enforcing policies on the infrastructure level.
4:00 PM
Anders Eknert - Policy as Code - an introduction to Open Policy Agent
Should user Alice be allowed to read credit reports? Should a cloud instance be deployable without basic security configuration in place? Should service X be allowed to query the database?
Policy defines the rules of our systems, but how do we ensure our policies are enforced consistently in increasingly distributed and diverse tech stacks?
In this talk we’ll explore the benefits of decoupling policy from our applications, deployment pipelines and platforms, and how Open Policy Agent (OPA) can help unify the way we work with policy across the stack.
