v1.9.0

This release updates the OPA version used in Enterprise OPA to v0.56.0, and integrates several bugfixes and new features.

mongodb.find, mongodb.find_one: query MongoDB databases during policy evaluation

Enterprise OPA now supports querying MongoDB databases!

Two new builtins are dedicated for this purpose: mongodb.find, and mongodb.find_one. These correspond approximately to MongoDB's db.collection.find() and db.collection.findOne() operations, respectively. These operations make it possible to integrate MongoDB databases efficiently into policies, depending on whether a single or multiple document lookup is needed.

Find out more in the new Tutorial, or see the Reference documentation for more details.

dynamodb.send: query DynamoDB during policy evaluation

This builtin currently supports sending GetItem and Query requests to a DynamoDB endpoint, allowing direct integration of DynamoDB into policies.

Find out more in the new Tutorial, or see the Reference documentation for more details.

vault.send for interacting directly with Hashicorp Vault in policies.

This new builtin provides support for more direct, request-oriented Hashicorp Vault integrations in policies than was previously possible through the EKM Plugin.

See the Reference documentation for more details.

gRPC plugin Decision Logs Support

The gRPC server plugin now integrates into Enterprise OPA's decision logging!
This means that gRPC requests are logged in a near-identical format to HTTP requests, allowing deeper insight into the usage and performance of Enterprise OPA deployments in production.