open-policy-agent

问题 We are using conftest to validate if our terraform changeset applies to certain rules & compliances. One thing we want to validate is wether our AWS resources are tagged according to the AWS tagging convention, which specifies certain tags to use (e.g. Owner, ApplicationRole, Project) and specifies that all tags and values are in CamelCase. in terraform the changeset is portrayed in the following (simplified) json output: { "resource_changes":{ "provider_name":"aws", "change":{ "before":{ },

问题 We are using conftest to validate if our terraform changeset applies to certain rules & compliances. One thing we want to validate is wether our AWS resources are tagged according to the AWS tagging convention, which specifies certain tags to use (e.g. Owner, ApplicationRole, Project) and specifies that all tags and values are in CamelCase. in terraform the changeset is portrayed in the following (simplified) json output: { "resource_changes":{ "provider_name":"aws", "change":{ "before":{ },

问题 I'm new to k8s, and I want to deploy OPA in the same pod as of my application in Google Kubernetes engine. But I don't know how to do this.Are there any references that I can refer more details about this ? Could you please help me figure out the steps I should follow ? 回答1: It should similar as deploying to any Kubernetes cluster as documented here. The difference could be you may want to use a LoadBalancer type service instead of NodePort. 来源： https://stackoverflow.com/questions/62258321

问题 I'm new to k8s, and I want to deploy OPA in the same pod as of my application in Google Kubernetes engine. But I don't know how to do this.Are there any references that I can refer more details about this ? Could you please help me figure out the steps I should follow ? 回答1: It should similar as deploying to any Kubernetes cluster as documented here. The difference could be you may want to use a LoadBalancer type service instead of NodePort. 来源： https://stackoverflow.com/questions/62258321