Rules for common organizational requirements #48

Closed
anderseknert opened this issue Mar 20, 2023 · 1 comment

@anderseknert
Member

I noticed this today: open-policy-agent/opa#2598

And while it could potentially be done in OPA, this seems like an excellent use-case for Regal. The example rules mentioned in the ticket:

  • App repos should not be able to modify the system package except for the system/log/mask decision
  • App policy packages must be namespaced under package acmecorp.<app_name>
  • App API authorization policies must include a default allow = false rule (any other value is not allowed for the default allow rule)

All seem like they would be quite easy to add as optional, configurable rules. If we want to leave it outside of Regal core, I could see how we could provide these types of rules in an external bundle... but having them packaged would be convenient.
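
The three requirements listed above, sketched as a text-based check over constructed Rego sources. This is an added example, not part of the issue and not how Regal implements rules (a linter works on the parsed AST). The function name `check_policy`, the app name `payments`, the column-0 rule-head heuristic, and applying the `default allow` requirement to every app package are assumptions.

```python
import re

PACKAGE_RE = re.compile(r"^package\s+([\w.]+)", re.MULTILINE)
DEFAULT_ALLOW_RE = re.compile(r"^default\s+allow\s*:?=\s*(\S+)", re.MULTILINE)
# Heuristic: a rule head is an identifier that starts in column 0.
RULE_HEAD_RE = re.compile(r"^(?:default\s+)?([A-Za-z_]\w*)", re.MULTILINE)


def check_policy(source, app_name, org="acmecorp"):
    """Return the violations of the three requirements in one Rego file."""
    # Drop comments so commented-out rules do not count (naive: '#' in strings).
    code = re.sub(r"#.*", "", source)
    match = PACKAGE_RE.search(code)
    if not match:
        return ["no package declaration"]
    package = match.group(1)
    heads = set(RULE_HEAD_RE.findall(code)) - {"package", "import"}

    # Requirement 1: the system package is off limits, except system/log/mask.
    if package == "system" or package.startswith("system."):
        if package == "system.log" and heads <= {"mask"}:
            return []
        return [f"package {package}: only system.log mask may be defined"]

    violations = []
    # Requirement 2: package namespaced under <org>.<app_name>.
    prefix = f"{org}.{app_name}"
    if package != prefix and not package.startswith(prefix + "."):
        violations.append(f"package {package}: not under {prefix}")
    # Requirement 3: a default allow rule exists and its value is false.
    defaults = DEFAULT_ALLOW_RE.findall(code)
    if not defaults:
        violations.append("missing default allow = false")
    elif any(value != "false" for value in defaults):
        violations.append("default allow must be false")
    return violations


# Constructed sample policies for a hypothetical app named "payments".
GOOD = 'package acmecorp.payments.authz\n\ndefault allow = false\n\nallow {\n    input.role == "admin"\n}\n'
OPEN_DEFAULT = "package acmecorp.payments.authz\n\ndefault allow = true\n"
WRONG_NAMESPACE = "package payments.authz\n\ndefault allow = false\n"
MASK_ONLY = 'package system.log\n\nmask["/input/password"]\n'
SYSTEM_AUTHZ = "package system.authz\n\ndefault allow = true\n"

if __name__ == "__main__":
    for name in ("GOOD", "OPEN_DEFAULT", "WRONG_NAMESPACE", "MASK_ONLY", "SYSTEM_AUTHZ"):
        print(name, check_policy(globals()[name], "payments"))
```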

@anderseknert
Member Author

The custom category is now in place, and new rules will make this even easier to do even without writing custom rules (i.e. by providing just configuration). Closing this as completed. If there are common organizational requirements we learn about, let's create issues for those.
