valitydev/bouncer
14
0
Fork 0
mirror of https://github.com/valitydev/bouncer.git synced 2024-11-06 02:15:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
5 Commits 25 Branches 0 Tags 328 KiB
Erlang 92.6%
Open Policy Agent 4.7%
Makefile 1.7%
Dockerfile 1%
44fa86982d
Go to file
Andrew Mayorov 44fa86982d
MSPF-585: Implement naive audit logging (#4) 
* Allow to set up multiple pulse handlers

* Enable audit logging through dedicated log handler

* Remove scoper use from handler

* Verify that audit log overload stops handlers

Though it's not apparently, so skip the test for now but keep testcase
for future experimentation.

Co-authored-by: Sergey Yelin <elinsn@gmail.com>
2020-10-30 15:10:07 +03:00
build_utils@2c4c2289ad Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
config Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
src MSPF-585: Implement naive audit logging (#4) 2020-10-30 15:10:07 +03:00
test MSPF-585: Implement naive audit logging (#4) 2020-10-30 15:10:07 +03:00
.gitignore Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
.gitmodules Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
docker-compose.sh Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
Dockerfile.sh Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
Jenkinsfile Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
Makefile Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
README.md Add rudimentary README (#5) 2020-10-29 14:41:57 +03:00
rebar.config MSPF-585: Implement naive audit logging (#4) 2020-10-30 15:10:07 +03:00
rebar.lock MSPF-585: Implement naive audit logging (#4) 2020-10-30 15:10:07 +03:00

README.md

Bouncer

Does someone look like a troublemaker?

Primary Arbiter thrift service implementation.

In a nutshell this service maps incoming contexts into OPA input documents and asks OPA to compute a set of assertions allowing or forbidding actions under given input context.

From the service's point of view a ruleset id is a path to OPA document that define a subdocument named assertions with a rudimentary schema. See https://github.com/rbkmoney/bouncer-policies#authoring for more detailed information.