This project is a FastAPI application that allows users to manage policies using the OPA (Open Policy Agent) client. It provides functionality to register, update, delete, and retrieve policies, including the option to download policies as .rego files.
- Register policies from .rego files via a POST request.
- Retrieve a policy's Rego content via a GET request, with an option to download it as a .rego file.
- List all registered policies.
- Update existing policies without needing to delete and re-upload them.
- Delete policies using a DELETE request.
- Built with FastAPI and OPA Client.
These are the environmental variables that can be configured:
Variable | Description |
---|---|
OPA_HOSTNAME |
Hostname where the OPA service is running and reachable. |
OPA_PORT |
Port number (String) where the OPA service is running and reachable. |
When installing the Helm Chart, upgrade it with a custom myvalues.yaml
file where you define the environmental variables that you wish to override.
- Python 3.10 or higher
- Poetry for dependency management
- Docker (optional, if you want to run the app in a container)
-
Clone the repository:
git clone <your-gitlab-repo-url> cd <your-repo-name>
-
Install dependencies using Poetry:
poetry install
-
Run the application:
poetry run uvicorn datasecurity.main:app --reload
The application will be available at http://127.0.0.1:8001
You can also run the application in a Docker container:
-
Build the Docker image:
docker build -t data_security_service .
-
Run the container:
docker run -d -p 8001:8001 data_security_service
To get a list of all registered policies, send a GET request.
Endpoint: GET /policies
Retrieve the content of a specific policy. Optionally, download it as a .rego file by setting the as_file parameter to true.
Endpoint: GET /policies/{policy_name}/?as_file={true|false}
You can register a new policy by sending a POST request with the .rego
file as form data.
Endpoint: POST /policies/{policy_name}
You can update an existing policy by uploading a new .rego file with the same policy name.
Endpoint: PUT /policies/{policy_name}
To delete a policy, send a DELETE request with the policy name.
Endpoint: DELETE /{policy_name}
You can consult the automatically generated API documentation at:
- Swagger UI: http://127.0.0.1:8001/docs
- ReDoc: http://127.0.0.1:8001/redoc