Policy merge requestshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests2021-02-22T06:32:36Zhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/2Feature/gonrg 1805 fix2021-02-22T06:32:36ZAliaksandr Lubouski (EPAM)Feature/gonrg 1805 fixpolicy service pipeline added --install option for helm3 update, and remove opa auth istio manifestpolicy service pipeline added --install option for helm3 update, and remove opa auth istio manifesthttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/6Add Policy Service - AWS2021-03-03T17:34:05ZRucha DeshpandeAdd Policy Service - AWScommit f2276c04
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Mar 01 2021 17:07:01 GMT-0600 (Central Standard Time)
remove comments
commit 241025ec
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Mar 01 2021...commit f2276c04
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Mar 01 2021 17:07:01 GMT-0600 (Central Standard Time)
remove comments
commit 241025ec
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Mar 01 2021 16:41:07 GMT-0600 (Central Standard Time)
get opa from docker
commit 5afd8cd9
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Thu Feb 25 2021 11:56:10 GMT-0600 (Central Standard Time)
remove debug stmts
commit b35f2190
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Thu Feb 25 2021 11:55:35 GMT-0600 (Central Standard Time)
Merge branch 'dev' into deshruch
commit 63b95a86
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Tue Feb 23 2021 15:28:45 GMT-0600 (Central Standard Time)
install curl
commit 5154b6e6
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Tue Feb 23 2021 15:25:58 GMT-0600 (Central Standard Time)
get opa
commit aab95ae9
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Tue Feb 23 2021 15:20:38 GMT-0600 (Central Standard Time)
install curl
commit f542f9c9
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Tue Feb 23 2021 15:17:56 GMT-0600 (Central Standard Time)
install curl
commit b218befa
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Tue Feb 23 2021 15:16:58 GMT-0600 (Central Standard Time)
install curl
commit ce697793
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Tue Feb 23 2021 15:04:13 GMT-0600 (Central Standard Time)
install curl
commit 7fd675fb
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Tue Feb 23 2021 14:58:53 GMT-0600 (Central Standard Time)
install curl
commit 201a5a01
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Tue Feb 23 2021 14:56:19 GMT-0600 (Central Standard Time)
install curl
commit a5129532
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Tue Feb 23 2021 14:43:08 GMT-0600 (Central Standard Time)
install curl
commit 4ced7063
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Tue Feb 23 2021 14:39:54 GMT-0600 (Central Standard Time)
opa commands in docker
commit 695e9bae
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Feb 22 2021 17:15:14 GMT-0600 (Central Standard Time)
add debug stmt
commit 98da8e02
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Fri Feb 19 2021 14:36:05 GMT-0600 (Central Standard Time)
aws implHrvoje MarkovicRucha DeshpandeHrvoje Markovichttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/24Draft: Gonrg 2469 imp bootstrap2021-06-02T09:21:42ZMykola Zamkovyi (EPAM)Draft: Gonrg 2469 imp bootstraphttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/46added logic to batch process legal tags2022-02-03T15:02:40ZNitesh Selkariadded logic to batch process legal tagsadded logic to batch process legal tagsadded logic to batch process legal tagsNitesh SelkariNitesh Selkarihttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/59added dynamic policy examples2022-06-06T21:05:01Zashley kelhamadded dynamic policy examplesAdded examples to retrieve data dynamically from the policies
added new dataauthz example that makes use of it
added documentationAdded examples to retrieve data dynamically from the policies
added new dataauthz example that makes use of it
added documentationhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/74Adding rate limit filter2022-05-26T18:37:12ZSHEFFALI JAINAdding rate limit filter## Type of change
- [ ] Bug Fix
- [x] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [ ] YES
- [x] NO
## Does this introduce a change in the...## Type of change
- [ ] Bug Fix
- [x] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [ ] YES
- [x] NO
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [x] Azure
- [ ] GCP
- [ ] IBM
## Does this introduce a breaking change?
- [ ] YES
- [x] NO
## Scope and Context
We are trying to provide design via which rate limiting can be applied to any service if enabled via flag and will be disabled by default. By setting a limit on how many requests a consumer is allowed to make in a given unit of time. We reject any requests above the limit with an appropriate response, like HTTP status 429 (Too Many Requests).
## What is the current behavior?
Currently, no rate limiting is applied on service which can limit the count of users accessing it.
## What is the new/expected behavior?
The service will have specific token count which will set limit to restrict number of users using the service per cycle.
## Have you added/updated Unit Tests and Integration Tests?
No.
## Any other useful information
Added Envoy filter to apply rate limiting. Added support to generate yaml file via Helm in deployment itself.
Initially value of applying rate limit filter is set to false.
It can be set while installing helm command using following instruction :
--set envoyFilter.enabled=trueSHEFFALI JAINSHEFFALI JAINhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/80Draft: Add new endpoint to convert OPA query to ElasticSearch query2022-04-04T08:42:23ZLH Hon [ExxonMobil]Draft: Add new endpoint to convert OPA query to ElasticSearch queryLicense check:
github.com/open-policy-agent/rego-python = apache license 2.0 - OK
github.com/elastic/elasticsearch-dsl-py = apache license 2.0 - OKLicense check:
github.com/open-policy-agent/rego-python = apache license 2.0 - OK
github.com/elastic/elasticsearch-dsl-py = apache license 2.0 - OKhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/85add opa data endpoint to virtual-service.yaml(GONRG-4459)2022-06-07T06:30:00ZRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comadd opa data endpoint to virtual-service.yaml(GONRG-4459)https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/90Trusted aws2022-04-18T13:55:22ZBill WangTrusted awsWe externalize OPA as a serviceWe externalize OPA as a serviceHrvoje MarkovicHrvoje Markovichttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/98Draft: GONRG-4561-modify-helm-bootstrap2022-08-10T13:57:40ZSiarhei Symanovich (EPAM)Draft: GONRG-4561-modify-helm-bootstrapadded policy bootstrap onpremadded policy bootstrap onpremSiarhei Symanovich (EPAM)Siarhei Symanovich (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/106Draft: Added dummy changes2022-05-24T09:21:48ZVineeth Guna [Microsoft]Draft: Added dummy changeshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/109Aws bootstrapping2022-05-28T03:36:42ZMarc Burnie [AWS]Aws bootstrappingM12 - Release 0.15Marc Burnie [AWS]Marc Burnie [AWS]https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/112Ibm bundle policy2022-05-30T04:47:22ZAnuj GuptaIbm bundle policyAnuj GuptaAnuj Guptahttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/127Draft: Healthcheck improvement2022-07-18T18:42:02ZShane HutchinsDraft: Healthcheck improvementMaking the /health API endpoint depend on OPA.
Updated unit test make client call and still pass with OPA being unavailable.Making the /health API endpoint depend on OPA.
Updated unit test make client call and still pass with OPA being unavailable.Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/131Draft: ibm helm chart added2023-05-15T08:45:18ZBhushan RadeDraft: ibm helm chart addedBhushan RadeBhushan Radehttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/138attempt to fix gcp integration tests2022-09-17T15:09:03ZShane Hutchinsattempt to fix gcp integration testsM14 - Release 0.17Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/140move to port 80802022-09-21T20:23:39ZShane Hutchinsmove to port 8080Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/141adding search.rego to instance policy bundle2022-09-19T17:26:15ZMarc Burnie [AWS]adding search.rego to instance policy bundleM14 - Release 0.17Marc Burnie [AWS]Marc Burnie [AWS]https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/142Adding Search Instance Policy to AWS Bootstrapping2022-09-19T17:52:04ZMarc Burnie [AWS]Adding Search Instance Policy to AWS BootstrappingM14 - Release 0.17Marc Burnie [AWS]Marc Burnie [AWS]https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/169Updating dev2022-09-29T17:02:10ZShane HutchinsUpdating devShane HutchinsShane Hutchins