Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • trusted-cimpl-policy protected
  • release/0.28 protected
  • trusted-gc_fix_null_header_http_send protected
  • trusted-GONRG-11243-Fix-Python-Version protected
  • test-cimpl-policy
  • trusted-fix_xuserid_optional_for_GC protected
  • trusted-GONRG-10453-Create_pipeline_Cimpl_policy protected
  • incountry
  • gc-oidc-test
  • trusted-gc-oidc-test protected
  • trusted-aws-fix-build protected
  • trusted-vl/python3.12 protected
  • trusted-vl/fastapi-swagger-mdw protected
  • doc_update
  • trusted-doc_update protected
  • trusted-okosse protected
  • trusted-GONRG-10847-Fix-GC-Dockerfile protected
  • trusted-docker_update protected
  • trusted-swupdate protected
  • v0.28.2 protected
  • v0.28.1 protected
  • v0.28.0 protected
  • v0.27.6-gc.1 protected
  • v0.27.6 protected
  • v0.27.5 protected
  • v0.27.4 protected
  • v0.27.3 protected
  • v0.27.2 protected
  • v0.27.1 protected
  • v0.27.0 protected
  • v0.26.0 protected
  • v0.25.2 protected
  • v0.25.1 protected
  • v0.25.0 protected
  • v0.24.0 protected
  • v0.23.3 protected
  • v0.23.2 protected
  • v0.23.1 protected
  • v0.21.1 protected
40 results
Compare
Aliaksandr Ramanovich (EPAM)'s avatar
Merge branch 'gc-fix-dev2-tests' into 'master'
Aliaksandr Ramanovich (EPAM) authored 
fix bucket name

See merge request !272
b0d3dd67
History
Aliaksandr Ramanovich (EPAM)'s avatar b0d3dd67
History
Name Last commit Last update
app
build
deployment
devops
docs
frontend
loadtest
policy-examples
postman
.dockerignore
.editorconfig
.fossa.yml
.gitattributes
.gitignore
.gitlab-ci.yml
Dockerfile-Azure-Bootstrap
LICENSE
NOTICE
README.md
requirements.txt
requirements_bootstrap.txt
requirements_dev.txt
search_eando.py
README.md

Policy service

Policy service is used for management and evaluation of dynamic policies in OSDU.

Dependencies

Policy service has a runtime dependency on Open Policy Agent OPA. It also has a runtime dependency on OSDU entitlements service for API authorization.

Environmental variables

ENTITLEMENTS_BASE_URL and LEGAL_BASE_URL environmental variable must be set to run the service. The values provided should be of format scheme://host[:port] and not include any part of path (e.g., https://entitlements.osdu.compay.com).

API authorization

To read or evaluate policies, user calling the policy service, must be a member of service.policy.user or service.policy.admin group.

To create, update, or delete the policies, user must be a member of service.policy.admin group.

User can be added to these groups by using entitlements service.

For information on how to run the policy service: Policy Service README

For information on testing the policy service: Test Policy Service README

API documentation: OpenAPI

There is also a Policy Service Admin CLI: Policy Service Admin CLI

There is also a Policy Service Admin UI POC: Policy Service Admin UI