mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 21:54:56 +03:00
Workflow Reference: Policy as Code with OPA
Policy Lifecycle
 Author Rego Policy
       │
       ▼
┌──────────────────┐
│ Unit Test with   │
│ OPA test         │
└──────┬───────────┘
       │
       ▼
┌──────────────────┐
│ Integration Test │
│ with conftest    │
└──────┬───────────┘
       │
       ▼
┌──────────────────┐
│ Deploy to Cluster│
│ (warn mode)      │
└──────┬───────────┘
       │
       ▼
┌──────────────────┐
│ Monitor + Triage │
│ Violations       │
└──────┬───────────┘
       │
       ▼
┌──────────────────┐
│ Switch to deny   │
│ mode             │
└──────────────────┘
OPA/Gatekeeper Architecture
API Request → Kubernetes API Server → Gatekeeper Webhook
                                              │
                                       ┌──────┴──────┐
                                       │ OPA Engine  │
                                       │ (Rego eval) │
                                       └──────┬──────┘
                                              │
                                       ┌──────┴──────┐
                                       │ Constraint  │
                                       │ Templates   │
                                       └──────┬──────┘
                                              │
                                        Allow / Deny