implementing-opa-gatekeeper-for-policy-enforcement

Featured

Enforce Kubernetes admission policies using OPA Gatekeeper with ConstraintTemplates, Rego rules, and the Gatekeeper policy library.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0


Quality Score: 99/100

Stars 20%: 100
Recency 20%: 100
Frontmatter 20%: 70
Documentation 15%: 100
Issue Health 10%: 50
License 10%: 100
Description 5%: 100

Skill Content

# Implementing OPA Gatekeeper for Policy Enforcement

## Overview

OPA Gatekeeper is a Kubernetes admission controller that enforces policies written in Rego. It uses ConstraintTemplates (policy blueprints with Rego logic) and Constraints (instantiated policies with parameters) to validate, mutate, or deny Kubernetes resource requests at admission time.

## When to Use

- When deploying or configuring OPA Gatekeeper policy enforcement in your environment
- When establishing security controls aligned to compliance requirements
- When building or improving security architecture for this domain
- When conducting security assessments that require this implementation

## Prerequisites

- Kubernetes cluster v1.24+
- Helm 3
- kubectl with cluster-admin access
- Familiarity with Rego policy language

## Installing Gatekeeper

```bash
# Install via Helm
helm repo add gatekeeper https://open-policy-agent.github.io/gatekeeper/charts
helm repo update
helm install gatekeeper gatekeeper/gatekeeper \
  --namespace gatekeeper-system --create-namespace \
  --set replicas=3 \
  --set audit.replicas=1 \
  --set audit.logLevel=INFO

# Verify
kubectl get pods -n gatekeeper-system
kubectl get crd | grep gatekeeper
```

### Verify Installation

```bash
# Check webhook
kubectl get validatingwebhookconfigurations gatekeeper-validating-webhook-configuration

# Check CRDs
kubectl get crd constrainttemplates.templates.gatekeeper.sh
kubectl get crd configs.config.gatekeepe...
```

Details

Author: mukul975
Repository: mukul975/Anthropic-Cybersecurity-Skills
Created: 3 months ago
Last Updated: today
Language: Python
License: Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

implementing-policy-as-code-with-open-policy-agent

This skill covers implementing Open Policy Agent (OPA) and Gatekeeper for policy-as-code enforcement in Kubernetes and CI/CD pipelines. It addresses writing Rego policies, deploying OPA Gatekeeper as a Kubernetes admission controller, testing policies in development, and integrating policy evaluation into deployment pipelines.

12,642 Updated today
mukul975
DevOps & Infrastructure Solid

opa-policies

Write OPA/Gatekeeper and Kyverno admission policies for Kubernetes security guardrails.

14 Updated 3 days ago
sawrus
DevOps & Infrastructure Solid

policy-opa

Policy-as-code enforcement and compliance validation using Open Policy Agent (OPA). Use when: (1) Enforcing security and compliance policies across infrastructure and applications, (2) Validating Kubernetes admission control policies, (3) Implementing policy-as-code for compliance frameworks (SOC2, PCI-DSS, GDPR, HIPAA), (4) Testing and evaluating OPA Rego policies, (5) Integrating policy checks into CI/CD pipelines, (6) Auditing configuration drift against organizational security standards, (7) Implementing least-privilege access controls.

335 Updated today
aiskillstore
AI & Automation Featured

implementing-pod-security-admission-controller

Implement Kubernetes Pod Security Admission to enforce baseline and restricted security profiles at namespace level using built-in admission controller.

12,642 Updated today
mukul975
AI & Automation Featured

implementing-gcp-organization-policy-constraints

Implement GCP Organization Policy constraints to enforce security guardrails across the entire resource hierarchy, restricting risky configurations and ensuring compliance at organization, folder, and project levels.

12,642 Updated today
mukul975