What is Rego?

Rego is a declarative query language that serves as the foundation of the Open Policy Agent (OPA) framework. OPA, a graduated project under the Cloud Native Computing Foundation (CNCF), functions as the policy evaluation engine within the IEM environment. Together, Rego and OPA enable the decoupling of policy decision-making from application code, providing enhanced flexibility, scalability, and control.

How does Rego work?

Unlike traditional imperative languages that require step-by-step instructions, Rego is declarative. Instead of specifying how to achieve a result, you define the conditions that must be satisfied, and OPA evaluates these conditions against a given data source (referred to as the input). Conceptually, this approach shares similarities with SQL, where you describe what you want rather than how to compute it. With Rego, you articulate the criteria for policy compliance or violation, and OPA validates these conditions against a JSON input document.

For more information, see the Open Policy Agent documentation.