OPA Training: Get Started!


Manage OPA
for Kubernetes

Try Styra DAS Free

Open Policy Agent for Kubernetes

Deploy OPA at scale with turnkey policy authoring, distribution and monitoring for Kubernetes security and compliance

Styra Declarative Authorization Service—built on Open Policy Agent—provides context-based admission control policy to mitigate risk, reduce human error and accelerate Kubernetes deployments.



OPA Kubernetes

Styra DAS was purpose-built to address today’s “Everything-as-code” requirements for security and compliance:

Shift security left with a declarative model that works with Kubernetes admission control webhooks to prevent risk before runtime

Validate policy before enforcement to eliminate human error and accidental breakages

Visualize admission control decisions for easy intra-department communication

Use built-in libraries and clear GUI to implement policy-as-code, with or without coding skills

Trust the industry's only security solution built by the founders of Open Policy Agent

Why Styra DAS for Kubernetes?

Kubernetes has evolved from experimentation to production—now teams must secure this new environment, but dynamism and scale add exponential complexity


Policy Design and Validation

Get to day 2 quickly with OPA policy authoring and impact analysis for admission control

The future of security is policy-as-code, but not every security team is made up of coders. That’s why Styra DAS provides both a point-and-click user interface as well as a rich code editor.

With a built-in library of best practices and security policies sourced from real-world OPA use cases, it's easy to get K8s guardrails up and running quickly.

DevOps and Platform teams can pre-run policies to analyze their impact before deployment, see where violations occur and analyze existing workloads for compliance across clusters.

Policy Distribution

Mitigate risk and ensure consistency across clusters, based on namespace, labels and more

Styra Policy Stacks allow easy deployment of OPA policy across systems. DevOps teams can create a “stack” of rules and deploy that stack across multiple clusters grouped by common traits like production/staging, namespace, PCI or custom attributes.

Styra Policy Stacks enable teams to monitor groups of related systems as one, to ensure consistency and to easily identify any anomalies early.

Open Policy Agent K8s
OPA Admission Control

Policy Monitoring and Auditing

Ensure your clusters are secure and compliant, with transparency across teams

Styra DAS provides actionable, graphical views of all admission control policy decisions/mutations, as well as any compliance violations. Dashboards give immediate insights to Security and DevOps teams, and data can be sent to external monitoring systems like Prometheus or SIEM tools.

All historical decisions can be independently searched and replayed through updated policy/rulesets, to prove to both internal and external auditors that controls are in place to meet Kubernetes security and compliance regulations.


Jumpstart deployments and ensure compliance with pre-built packs of relevant policy

Styra Policy Packs eliminate the need to research, identify and implement baseline guardrails/policies. Packs include:

PCI DSS 3.2, MITRE ATT&CK and CIS Benchmarks

OPA Community Best Practices

Kubernetes Pod Security Policies

Accelerate Kubernetes adoption, decrease time spent writing and configuring policies from scratch and reduce delays and risk resulting from human error.

Kubernetes Policy OPA

Shift Security Left

Integrate Styra DAS guardrails into existing GitOps and CI processes and tooling

Styra DAS shifts security and compliance left to notify developers of violations earlier, so they can be fixed sooner—before being committed into production. Security and DevSecOps teams define policies once, and then check compliance at every stage: Development, Build/Test and Production.

Github and CI integrations ensure that Styra DAS stops errors and eliminates rogue deployments early, to help developers spend less time on manual remediation, and instead focus on more differentiated work.

Manage OPA for Kubernetes Security

Ready to Learn More? The Styra Whitepaper "Kubernetes Security and Compliance via Admission Control" walks through how Kubernetes lets you extend its API server for custom rules and policies, how Styra integrates with Kubernetes Admission Control for policy enforcement and even some sample policies that will help to secure and accelerate your Kubernetes development.

Declarative Authorization Service

Request a Demo

1800 Broadway, Suite 1 Redwood City CA 94063