Open Policy Agent allows you to write context-aware--policies, that take into account the world in which they are deployed. OPA allows you to inject arbitrary external data and use that data when making policy decisions.
The Envoy system's
Data source makes it easy to inject external data and use that data when making policy decisions You use the Styra DAS API to inject data into the
Data source, then when writing policy you
import data.dataset to access that data, and use it accordingly.
Once your policy starts using the data, both will be distributed to all of the OPAs connected to the system. Therefore, OPA will use that data together with the policy to make decisions. Like always, OPA records those decisions in its decision log and includes a revision ID that points to the version of policy used to make the decision. The revision ID also includes a pointer to the version of the
Data source JSON used to make the decision. As you update the
Data source over time, the Styra DAS maintains a historical record of the changes, so that you can replay any decision you want at a later point in time by using exactly the inputs, the policy, and any supporting JSON data that was used to make the decision originally.