AWS Parameterizing OPA Cache Settings as Helm Values and Right-Sizing Default OPA Cache Size (!530) · Merge requests · OSDU Software / OSDU Data Platform / Security and Compliance / Policy

Marc Burnie [AWS] requested to merge aws-integration-opa into master Sep 11, 2024

Performed some testing on an AWS environment with OPA request size of 1G and limit of 1.2G and a stale_entry_eviction_period_seconds setting of 60 minutes using the cache.rego evaluation to fill the OPA cache. Observed the OOM Killed error on cache sizes from 1G to 600MB in 100MB increments. No OOM Killed error found on 400MB cache size, so setting this as the default setting in AWS OPA config and updated size doc with the recommended setting. Also adding stale_entry_eviction_period_seconds as a configurable setting on AWS.

AWS Parameterizing OPA Cache Settings as Helm Values and Right-Sizing Default OPA Cache Size

Merge request reports