June 21-24, 2022
Austin, Texas, USA + Virtual
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central Daylight Time (UTC -5). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Thursday, June 23 • 2:05pm - 2:45pm
Design Patterns for OPA and Cloud Native Authorization - Tim Hinrichs, Styra

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Part of the beauty of the cloud-native ecosystem is its rich selection of best-of-breed solutions that span the entirety of the software development lifecycle: from datastores, to CICD pipelines, to programming languages, to test frameworks. The challenge, however, is that all of these different projects and components need to be independently configured to meet security, compliance, and operational mandates. In this talk we focus on the problem of authorization (controlling which users and machines can perform which actions on software) and how to solve that authorization problem across many different kinds of software using the CNCF's graduated Open Policy Agent. OPA has been used by 100s of companies all over the planet to solve a plethora of authorization challenges in different domains, e.g. Kubernetes, service-meshes, infrastructure-as-code, SSH guardrails, and application-level authorization. For a new user, the challenge is understanding how to apply OPA to solve their own authz challenges. This talks helps by describing the 4 most popular design patterns for OPA and giving the audience pointers to documentated examples of how leaders in the cloud-native space (e.g. Pinterest, Atlassian, Goldman Sachs), have applied those patterns successfully.

avatar for Tim Hinrichs

Tim Hinrichs

CTO, Styra
Tim Hinrichs is a co-founder and CTO of Styra, the cloud-native authorization company, and he is a co-creator of the open source CNCF Open Policy Agent project. Before that, he worked at VMware and co-founded the OpenStack Congress project. Tim has 20+ years of experience developing... Read More →

Thursday June 23, 2022 2:05pm - 2:45pm CDT
Room 310/311 (Level 3)
  CloudOpen, Policy Agents