Deploying Open Policy Agent at Atlassian
From the Open Policy Agent Summit at KubeCon, Chris Stivers and Nicholas Higgins from Atlassian walk through their journey building a global authorization platform with Open Policy Agent and the help of Fluentd, S3, CDN's, Amazon Kinesis, and many more.
Abstract: Atlassian provides a number of cloud products including Jira, Confluence, and BitBucket which requires building and hosting 1000+ services distributed around the world. As is often the case, authorization was not initially seen as platform concern. This lead many of the services to implement their own authorization mechanisms. The end result was individually secure services, but a difficult environment for security teams to centrally audit and control. To continue to scale the business this had to change.
Attendees can expect to take away battle tested and scalable strategies for how to architect authorization and management systems around OPA.