Apple acquires developer of the Open Policy Agent
The inventors of the Open Policy Agent are moving to Cupertino: Apple is buying expertise in open source software that remains under the control of the CNCF.
New workplace for the OPA developers: Apple takes over the development team of the open source software.
(Image: Apple)
Open Policy Agent (OPA) is software that accepts rules (formulated in the Rego language) and data objects and makes decisions on this basis. The main area of application is authorization rules that answer whether a user is allowed to perform an action. Because OPA is open source software (Apache License 2.0) and can be integrated comparatively easily into other applications, it enjoys great popularity in the cloud-native community: OPA is used, among other things, to decide on requests to the Kubernetes API, but also makes decisions in banks as to who may make which requests to internal systems.
OPA was invented by the company Styra, which has earned money with additional products and services related to OPA. The logos of Zalando, CapitalOne and the European Patent Office can be found on the homepage. Goldman Sachs and Netflix are also among the OPA users. However, the OPA code itself is no longer in the hands of Styra: in 2018, OPA was accepted as an incubating project by the CNCF (Cloud Native Computing Foundation), and since 2021 it has achieved the highest status of "Graduated" and has a total of 485 contributors.
Now the next upheaval is imminent: The inventors of Open Policy Agent and other Styra employees are changing employers: Apple, also an OPA user, is taking over Styra CTO Tim Hinrichs and other developers. Hinrichs made the announcement on the OPA blog. "Apple is an enthusiastic OPA user that uses it as a central component of its authorization infrastructure to manage a large portfolio of global cloud services."
More open source
Because the code is already in the hands of CNCF, the open source project will not change. The code remains open source and will be managed by the CNCF as before. The list of maintainers will not change either. What is new is that additional products from the Styra portfolio will also become open source and move to the public repository: the commercial OPA distribution EOPA, the management interface "OPA Control Plane", several SDKs and the Rego linter called Regal.
Videos by heise
The website and Rego Playground (a website for testing Rego rules) will continue to run as usual and development will also continue. However, it is unclear in what form the Styra company will continue to work. The blog post does not provide any information on this. Large organizations that had hoped to buy the authorization expertise and advice of Tim Hinrichs and the other OPA core developers from Styra have been left empty-handed: Apple is now using this expertise.
(jam)
