Session
Make your security policy auditable
Nowadays, everybody realizes the importance of preventing undue access to one's applications.
Many conceptual models are available: RBAC, ABAC, you name it.
Likewise, all popular stacks have frameworks and libraries to help developers implement your chosen policy access.
If your organization only has a handful of apps, that's all fine and dandy, but problems appear at scale.
One such problem is keeping under control access configuration across dozens or even hundreds of apps.
It requires regular, if not continuous, auditing:
it's impossible to achieve when the configuration is code, even worse if it's a compiled language.
Open Policy Agent aims to externalize such configuration in a text format with specified semantics.
In this presentation, I'll explain OPA in more detail and demo how to migrate from a regular Spring Boot application to an OPA-based approach in different steps.
Nicolas Fränkel
Developer Advocate for Apache APISIX
Genève, Switzerland
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top