From f52ce0ea0d3f5dd5c1884c38ebbef5bf6d8330a0 Mon Sep 17 00:00:00 2001
From: Tolleiv Nietsch <github@tolleiv.de>
Date: Fri, 23 Apr 2021 15:11:27 +0200
Subject: [PATCH] Open Policy Agent

---
 radar/2021-01-01/open-policy-agent.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 radar/2021-01-01/open-policy-agent.md

diff --git a/radar/2021-01-01/open-policy-agent.md b/radar/2021-01-01/open-policy-agent.md
new file mode 100644
index 0000000..f83035a
--- /dev/null
+++ b/radar/2021-01-01/open-policy-agent.md
@@ -0,0 +1,12 @@
+---
+title:      "Open Policy Agent"
+ring:       assess
+quadrant:   tools
+
+---
+
+[Open Policy Agent](https://www.openpolicyagent.org/) (OPA) is a framework and language which allows to model and evaluate policies access services. The underlying expression language *rego* is purpose-built for the policy evaluations and implements the **Policy As Code** patterns. 
+
+The utility of OPA and Rego comes from the various integrations into other cloud-natives services and tools. It can be part of the Kubernetes Admission Control process, can be used for authorization decisions within a Service Mesh or could be part of infrastructure evaluation pipelines. 
+
+We use OPA in some of our infrastructure pipelines to ensure that changes don't have undesired impact or within Kubernetes to evaluate the overall conformity of our deployments with the gives policies.
\ No newline at end of file