DEV Community

Cover image for The New Way To Use OPA With Backstage
Peter
Peter

Posted on

1 1

The New Way To Use OPA With Backstage

πŸ‘‹ Hello Again!

Last time, I spoke about how you could use the OPA Wrapper plugin to let you use the Open Policy Agent and integrate with the Backstage Permissions Framework.

I am back again to to just let you know, we've released two new awesome OPA related plugins that take this to the next level! The plugins are still in beta and I am looking forward to any and all feedback!

πŸ’­ So Why Do We Think These Plugins Will Be So Useful?

While the OPA Wrapper Plugin is fantastic for most permissions, some of our needs go beyond simple RBAC and ABAC rules. Sometimes, we need authorization based on dynamic, complex conditions that the default permissions framework doesn’t handle. For example:

  • Deployment Fridays: Only developers with 5+ years of experience can push the big red button.
  • Conditional UI Elements: Table rows are editable only by the assigned user.
  • Middleware on Backend Routes: Authorization rules for APIs based on request method or path.

In these cases, we need policies that are both flexible and powerful.

πŸ₯ Introducing...

So we developed the OPA Authz and OPA Authz React plugins!

These plugins bring that extra β€œoomph” to permissions in Backstage by making it easy to implement complex RBAC and ABAC requirements. And best of all, they don’t interfere with the OPA Wrapper! They’re designed to work seamlessly together, even in setups that rely on community and core plugins.

πŸ€” So Why Would I Use It?

Use these plugins when you need that extra layer of flexibility for advanced authorization in Backstage. They let you design more expressive policies to fit nuanced scenarios.

⭐ Key Takeaways

  • Allows for more flexibility and expressive policies!
  • Contains bespoke react components you can use to control the visibility and access based on the results of an OPA policy!
  • Bespoke OPA Middleware you can use in your backend routes!
  • Fully free and open source!

πŸ’¬ We’d Love Your Feedback!
Try out these plugins and let us know how they work for you. You can find both on GitHub, and we’d love to hear your thoughts or answer questions. Or you can leave some comments below!

Billboard image

The fastest way to detect downtimes

Join Vercel, CrowdStrike, and thousands of other teams that trust Checkly to streamline monitoring.

Get started now

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

πŸ‘‹ Kindness is contagious

Engage with a sea of insights in this enlightening article, highly esteemed within the encouraging DEV Community. Programmers of every skill level are invited to participate and enrich our shared knowledge.

A simple "thank you" can uplift someone's spirits. Express your appreciation in the comments section!

On DEV, sharing knowledge smooths our journey and strengthens our community bonds. Found this useful? A brief thank you to the author can mean a lot.

Okay