How does your organization control “who can do what” across the stack? How do you enforce auth/z, admission control, and risk management policies in your micro-services, orchestrators, and CI/CD systems? How do you implement low-latency policy enforcement in the polyglot environments that your company depends on? In this talk we introduce the Open Policy Agent (OPA) project. OPA is an open source policy engine used by companies like Netflix and Medallia to enforce rules consistently, up and down the stack. We will showcase OPA features like hot-reload, tracing, and optimizations with demos of auth/z and admission control policies. Finally we will show how to integrate your services with OPA and provide examples of integrations for projects like Kubernetes, Istio, and more. Attendees can expect to walk away with fresh ideas about how to achieve fine-grained control throughout their systems.