OPA Gatekeeper

Definition

Kubernetes admission controller using Open Policy Agent (OPA) to validate resources against Rego policies.

Why it matters

Enforces security and compliance rules consistently at cluster boundaries.

Common pitfalls

• Cryptic error messages without developer guidance.
• Policies that mutate or block without clear remediation.

References

• https://openpolicyagent.org
• https://github.com/open-policy-agent/gatekeeper
• manual/06-glossary/platform/policy-as-code.md