Kong Mesh is an enterprise-grade service mesh that runs on both Kubernetes and VMs on any cloud. Built on top of CNCF's Kuma and Envoy with enterprise features and support.
Kong Mesh 1.2 is a service mesh that is natively integrated with Open Policy Agent (OPA) as a first-class citizen. Kong Mesh enables customers to leverage OPA’s policy engine out of the box across both Kubernetes and VMs without having to deploy an additional sidecar by providing embedded OPA support in the data plane process.
This tutorial shows how OPA embedded in Kong Mesh data plane can be used as an authorization service to enforce security policies over API requests received by Kong Mesh. It also covers examples of authoring policies over the HTTP request body. It is based on the HTTP API Authorization OPA tutorial with added policies to control the ingress or egress behavior of the application and client.