Skip to main content


This page defines the terms that appear throughout the Styra documentation suite.


Certificate Authorities (CAs)

A Certificate Authority (CA), also sometimes referred to as a certification authority, is a company or organization that acts to validate the identities of entities (such as websites, email addresses, companies, or individual persons) and bind them to cryptographic keys through the issuance of electronic documents known as digital certificates.

Cloud Native Computing Foundation (CNCF)

The Cloud Native Computing Foundation (CNCF) hosts critical components of the global technology infrastructure. CNCF brings together the world’s top developers, end users, and vendors and runs the largest open source developer conferences. CNCF is part of the nonprofit Linux Foundation.

Command Line Interface (CLI)

A Command Line Interface (CLI) is a text-based user interface (UI) used to view and manage computer files.

Continuous Integration and Continuous Delivery (CI/CD)

The Continuous integration (CI) and continuous delivery (CD) embodies a culture, set of operating principles, and collection of practices that enable application development teams to deliver code changes more frequently and reliably.


Declarative Authorization Service (DAS)

The Styra Declarative Authorization Service (DAS) is built on top of the open-source project Open Policy Agent (OPA) and provides a single pane of glass for authorization and policy across the cloud-native ecosystem of software systems.

Domain Name System (DNS)

The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities.


Graphical User Interface (GUI)

The Graphical User Interface (GUI) is a form of user interface that allows users to interact with electronic devices through graphical icons and audio indicator such as primary notation, instead of text-based user interfaces, typed command labels or text navigation.


Identity and Access Management (IAM)

An Identity and Access Management (IAM) refers to the policies and tools used by IT departments to ensure that people and entities have the appropriate level of access to the organization’s technical resources.


JSON Web Token (JWT)

A JSON Web Token (JWT)is an internet standard for creating JSON-based access tokens that assert some number of claims. The tokens are signed either using a private secret or a public or private key.


Lightweight Directory Access Protocol (LDAP)

The Lightweight Directory Access Protocol is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network.

Linux Pluggable Authentication Modules (PAM)

The Linux PAM package contains Pluggable Authentication Modules used to enable the local system administrator to choose how applications authenticate users.



A Minikube is a tool that makes it easy to run Kubernetes locally.

Mutual Transport Layer Security (mTLS)

mTLS helps ensure that traffic is secure and trusted in both directions between a client and server. This provides an additional layer of security for users who log in to an organization's network or applications.


Open Policy Agent (OPA)

The Open Policy Agent (OPA, pronounced “oh-pa”) is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that let's you specify policy as code and simple APIs to offload policy decision-making from your software.


Read–eval–print loop (REPL)

A read–eval–print loop (REPL) is called as interactive top level or language shell. It is a simple, interactive computer programming environment that takes single user inputs, evaluates (executes) them, and returns the result to the user; a program written in a REPL environment is executed piecewise.

Role-Based Access Control (RBAC)

A Role-Based Access Control (RBAC) is an approach to restricting system access to authorized users.


Secure Shell (SSH)

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network.

Software as a Service (SaaS)

Software as a service (SaaS) is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.

Styra Local Control Plane (SLP)

Styra Local Control Plane (SLP) downloads policies from the DAS and relays them to the OPAs. It provides an additional copy of the policies for higher availability. The SLP also monitors Kubernetes resources and provides them as required both to the DAS for analysis and to the local OPAs when policy decisions rely on those resources.


Virtual Machine (VM)

A virtual machine (VM) is a digital version of a physical computer. Virtual machine software can run programs and operating systems, store data, connect to networks, and do other computing functions, and requires maintenance such as updates and system monitoring.