I use OPA with terraform and kubernetes, but I’m looking for something for application ACLs, where I as a resource owner can assign permissions to arbitrary subjects for a resource.
Does OPA support that? If so that would be very very cool.
Certainly! Application and microservice authorization is probably one of the more common use cases for OPA, and there's definitely benefits in having a unified policy engine in an organization or company.
I have only found RBAC and ABAC docs and tutorials for OPA, do you happen to know of a good source of docs for ACLs like, User A gives User B edit rights on Resource C?
Update: I swear I’ve looked through the docs 20 times and I’ve never seen this use case, but of course after writing this comment I go back and immediately find what may work :-)
It looks like a flexible system to build cross-language and cross-framework authorization systems.