Skip to content

feat: add policy service integration for authz checks using feature flags

Varunkumar Manohar requested to merge slb/vm/policy-svc-integration into master

This MR introduces the ability to interact with policy service built on Open Policy Agent

  1. Policy Service interaction is enabled only when feature flag FEATURE_FLAG_POLICY_SVC_INTERACTION is set to true in the environment. When this is set to true, the required env variable is DES_POLICY_SERVICE_HOST
  2. Adds the ability to insert policies with policy-service. These policies would be used for SDMS AuthZ
  3. Authorization would succeed when the policy service evaluates the user membership in input ACL groups. The evaluatePolicymethod achieves this.

image

Merge request reports