Module opa 

Open Policy Agent (OPA) integration for externalized authorization.

Delegates fine-grained policy evaluation to an OPA server using its REST API, enabling dynamic, data-driven authorization decisions expressed in Rego.

Architecture

Application ──► OpaClient ──► POST /v1/data/{path} ──► OPA Server
                                                        │
                                                    Rego policies
                                                        │
                                                 ◄── Decision ──►

References

• OPA REST API
• Rego Policy Language

Structs

LocalPolicyEvaluator

A lightweight local policy evaluator for simple attribute-based checks.

OpaClient

Client for evaluating authorization decisions against an OPA server.

OpaConfig

OPA client configuration.

OpaInput

Input payload sent to OPA for policy evaluation.

OpaResponse

Response from an OPA policy query.

PolicyCondition

A single condition in a policy rule.

PolicyRule

A policy rule consisting of conditions that must all be true.

Enums

ConditionOperator

Comparison operators for policy conditions.

PolicyEffect

Policy decision effect.