Styra was founded with the simple premise that policy and authorization needed to be reinvented for the cloud-native environment. In order to secure and manage an exponentially more complex, containerized app development ecosystem, the team first had to build a new way to unify authorization policy at scale. The first step in achieving that was to create Open Policy Agent (OPA). Now, just two years after donating OPA to the Cloud Native Computing Foundation (CNCF), OPA is averaging one million downloads a week, has tripled in users and is in production in some of the largest Kubernetes environments in the world. And, OPA has not only become more popular, but also more critical than ever for organizations as they make the shift to cloud-native.
With OPA, teams have a single, consistent way to implement authorization across all their Kubernetes deployments, microservices and APIs. Not only does this mean teams can learn a single paradigm, and then apply it everywhere to save time, it also means that new tools, services, APIs or infrastructure can all be more easily governed and secured. We’re proud to know that OPA lets developers focus on more meaningful, differentiated application feature work, instead of spending time on writing and maintaining custom policy code for every element of their app.
What we are humbled to see now, is that OPA is quickly becoming the de facto standard for authorization. Platform teams, app developers and security engineers are all deploying OPA at scale, and in production. This wide deployment, made possible by the wide adoption and support from the OPA community, means that companies end up with not one, but hundreds or thousands of different instances of OPA across their platforms and services. Managing all those instances of OPA at scale can take time and that’s why we also provide a turnkey management plane to help write, distribute and monitor OPA policy.
Styra DAS: Authorization made easy
We purpose-built Styra Declarative Authorization Service (DAS) to serve as a unified control plane for operationalizing OPA in production, and it has been successfully deployed and proven at scale in giant global deployments, and cutting-edge startup applications as well. Styra DAS allows developers to accelerate time to market by satisfying security, compliance and operational requirements for organizations. And, Styra DAS also eliminates the need for developers to learn and custom coding OPA policies for K8s Admission Controller.
Platform engineers can get started with DAS Free, a completely free, self-service option for up to two clusters or 10 nodes to streamline the adoption process. For teams with larger production scale needs, DAS Pro is also completely self-service, and offers a clear and transparent pricing model, for up to 50 nodes, to protect and manage Kubernetes clusters as they grow from initial testing/deployment to full production environments. Of course, our existing DAS Enterprise supports unlimited OPA deployments and rules with around the clock support.
All three editions of Styra DAS have the exact same management plane for OPA, and access to the same policy library and features, such as impact analysis, decision logging, OPA monitoring and decision audit. It was important to us to make sure that every team, regardless of their size, stage and budget, have access to policy-as-code guardrails to eliminate operational, security and compliance risk.
When the team opened-sourced OPA, we believed that the community would drive the best integrations, implementations and best practices. Now that the community has done so, it’s time to provide them, regardless of size or budget, with a self-serviced and simplified way to manage OPA at scale.