OPA

Cloud-native / microservice-based products are complex. Building access control and managing permissions for them is only getting worse by the pull request.

The Bikini Bottom guide to ABAC authorization models and their implementation with OPA

How to Build The Right App Authorization Solution - An Intro to Open Policy Agent

A guide to figuring out which data fetching method is best for you, with full knowledge of each method’s ‘Good, Bad, and Ugly’ aspects.

Open Policy Administration Layer (OPAL) is an open-source administration layer for OPA and AWS' Cedar Agent that allows you to keep your authorization layer up-to-date in real time

A view of OPAL + OPA as an alternative to XACML

The Bikini Bottom guide to RBAC authorization models and their implementation with OPA

An Intellyx BrainBlog for Permit.io by Jason English

Kong is a popular API gateway, but managing access to its APIs and services is hard - especially when required advanced permissions models like RBAC/ABAC/ReBAC

IAM is huge in DevSecOps, with seemingly infinite buzzwords and terms. Here are the main ones every engineer and security professional should know.

How Netflix solved the challenge of authorizing millions of users by using OPA, how you can adopt this solution, and possibly create something even better

What are the benefits of policy as code, and how does OPA's Rego language differ from AWS' new Cedar policy language?

Graph-based or policy-as-code? Explore access control systems in this comparative analysis. Discover pros, cons, and a hybrid solution.

Choosing the right policy agent to handle your authorization is not a simple task - each offers its benefits and has its drawbacks. How to choose? Read here.

Learn how to implement Relationship-Based Access Control (ReBAC) with OPA - an open source policy engine for controlling access to systems and resources.

Get ready to rumble! Join us on a quest to find the best authorization policy model in an epic battle royale: RBAC vs. ABAC vs. ReBAC

Learn how Reddit built its advanced Ad Tech authorization system with Open Policy Agent (OPA) and how you can build one yourself with OPAL!

Policy languages and frameworks like OPA, Cedar, and OpenFGA are rising in popularity. Explore the solutions they provide, and the benefits of using them.

Attribute-Based Access Control (ABAC) and Relationship-Based Access Control (ReBAC) - how to make the most suitable choice for your application?

Learn how to implement hybrid cloud security using the multi-layer approach. Explore best practices with practical examples of IAM security and authorization.

Discover the possible tradeoffs when building fine-grained authorization (FGA). Learn from a real-world use case how to examine such tradeoffs and build better software.