Fugue Adopts Open Policy Agent for its Policy-as-Code Framework for Cloud Security
October 08, 2019

Fugue announced support for Open Policy Agent (OPA), an open source general-purpose policy engine and language for cloud infrastructure.

Fugue is leveraging OPA and Rego, OPA's declarative policy language, for cloud infrastructure policy-as-code to provide customers with maximum flexibility when implementing their custom enterprise policies. The Cloud Native Computing Foundation (CNCF) accepted OPA as an incubation-level hosted project in April 2019.

While much of the focus of OPA has been on developing access policies for Kubernetes, Fugue is driving the adoption of OPA to address a wider variety of use cases for securing cloud environments on Amazon Web Services (AWS) and Microsoft Azure, including the application of common compliance frameworks to full cloud infrastructure stacks. The Fugue team has developed tools and enhancements to improve OPA's developer experience. Fugue has provided many of these enhancements to the OPA open source project, and will continue to do so.

Fugue has also added support to its product for customer-defined rules written using OPA and Rego. This sets Fugue apart from cloud infrastructure policy management solutions that rely on proprietary and inflexible rule languages that lock-in customers and are incompatible with other policy languages used elsewhere in the enterprise. Fugue also uses OPA to provide out-of-the-box support for commonly used compliance frameworks including CIS Foundations Benchmarks, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, and SOC 2.  

"Fugue has been developing policy-as-code solutions for some time, and now we're offering an easy-to-use, open source solution for writing policies for cloud infrastructure," said Phillip Merrick, CEO of Fugue.  "Our customers can use the same open language for defining their cloud infrastructure policies in Fugue that they are using for other enterprise policy needs. This eliminates the need to learn other vendors' proprietary, inflexible policy languages."

- Fugue's custom rules capabilities that leverage OPA enable users to:

- Build and manage custom, user-defined cloud infrastructure rules in OPA Rego via the Fugue API, CLI, and web interface

- Validate and test custom rules while they are being written with helpful errors that save time

- Continuously validate and report on compliance for custom rules and out-of-the-box policy frameworks

"Fugue is running millions of security rule evaluations every day using OPA, so we've put a lot of work into improving performance and developer tooling and will be contributing all of that back to the open source community," said Josh Stella, co-founder and CTO of Fugue. "OPA is a significant development for policy-as-code, and Fugue is fully committed to supporting and contributing to it."

Custom rules with Fugue using OPA is available now for all Fugue customers.

Share this

Industry News

April 21, 2025

Postman announced new releases designed to help organizations build APIs faster, more securely, and with less friction.

April 21, 2025

SnapLogic announced AgentCreator 3.0, an evolution in agentic AI technology that eliminates the complexity of enterprise AI adoption.

April 17, 2025

GitLab announced the general availability of GitLab Duo with Amazon Q.

April 17, 2025

Perforce Software and Liquibase announced a strategic partnership to enhance secure and compliant database change management for DevOps teams.

April 17, 2025

Spacelift announced the launch of Saturnhead AI — an enterprise-grade AI assistant that slashes DevOps troubleshooting time by transforming complex infrastructure logs into clear, actionable explanations.

April 16, 2025

CodeSecure and FOSSA announced a strategic partnership and native product integration that enables organizations to eliminate security blindspots associated with both third party and open source code.

April 16, 2025

Bauplan, a Python-first serverless data platform that transforms complex infrastructure processes into a few lines of code over data lakes, announced its launch with $7.5 million in seed funding.

April 15, 2025

Perforce Software announced the launch of the Kafka Service Bundle, a new offering that provides enterprises with managed open source Apache Kafka at a fraction of the cost of traditional managed providers.

April 14, 2025

LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.

April 14, 2025

Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.

April 14, 2025

Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.

April 10, 2025

Check Point® Software Technologies Ltd.(link is external) announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.

April 10, 2025

Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.

April 10, 2025

The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.