opa-image-security-templates
OfficialEnforce Kubernetes image security with OPA
Software Engineering#kubernetes#policy-as-code#opa#signature-verification#image-security#digest-enforcement
Authoradaptive-enforcement-lab
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Enforces image security policies in Kubernetes using OPA templates to restrict registries, require digest references, and validate image signatures.
Core Features & Use Cases
- Registry allowlist: block public/untrusted registries and allow only corporate registries.
- Digest enforcement: require immutable digest-based image references to prevent tag mutation.
- Signature verification: enforce cryptographic signatures via Cosign and optional Rekor attestations.
Quick Start
Apply the OPA image security templates to your Kubernetes cluster to enforce registry allowlists, digest-based image references, and cryptographic signatures.
Dependency Matrix
Required Modules
kubectlcosigntrivycrane
Components
scripts
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: opa-image-security-templates Download link: https://github.com/adaptive-enforcement-lab/claude-skills/archive/main.zip#opa-image-security-templates Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.