摘要：架构示例 envoy.yaml node: id: "backend" cluster: "demo-cluster-spire" static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 阅读全文

摘要：cat >server.conf <<EOF [ req ] prompt = no req_extensions = v3_ext distinguished_name = dn [ dn ] CN = opa.opa.svc [ v3_ext ] basicConstraints = CA:FA 阅读全文

摘要：docker-compose.yaml version: "3.7" services: ext_authz-opa-service: image: openpolicyagent/opa:latest-envoy volumes: - ./policy.rego:/etc/policy.rego 阅读全文

摘要：Open Policy Agent Open Policy Agent（简称OPA）是一款go语言编写的开源通用策略引擎，它通过高级声明式语言rego编写策略代码为应用程序实现细粒度的访问控制机制，可用于为微服务、Kubernetes、CI/CD pipeline和API Gateway等应用场景实 阅读全文