46 lines
4.9 KiB
Markdown
46 lines
4.9 KiB
Markdown
ansible-role-openpolicyagent
|
|
============================
|
|
|
|
The `ansible-role-openpolicyagent` ansible role installs and configures `Open Policy Agent <https://www.openpolicyagent.org/>`_.
|
|
|
|
Requirements
|
|
------------
|
|
|
|
The role doesn't require any extra python requiremnets to use.
|
|
|
|
To run `molecule` on the other hand, you might need to do the following.
|
|
|
|
```
|
|
$ pip install -r molecule/requirements.txt
|
|
```
|
|
|
|
Role Variables
|
|
--------------
|
|
|
|
| Variable | Default | Description |
|
|
|:--------------------------------------------------------|:--------------------------------------------------------------------------------------------:|:-------------------------------------------------|
|
|
| `openpolicyagent_version` | `v0.14.2` | OPA version |
|
|
| `openpolicyagent_home` | `/opt/opa` | OPA home directory |
|
|
| `openpolicyagent_bin` | `/opt/opa/bin` | OPA binary path |
|
|
| `openpolicyagent_name` | `opa` | OPA name of file to download |
|
|
| `openpolicyagent_user` | `opa` | OPA user to create and use |
|
|
| `openpolicyagent_group` | `opa` | OPA group to create and use |
|
|
| `openpolicyagent_base_url` | `Link <https://github.com/open-policy-agent/opa/releases/download>`_ | OPA download base URL |
|
|
| `openpolicyagent_url` | `Link <https://github.com/open-policy-agent/opa/releases/download/v0.14.2/opa_linux_amd64>`_ | OPA download URL |
|
|
| `openpolicyagent_config_path` | `/etc/opa` | OPA configuration base path |
|
|
| `openpolicyagent_config_d_path` | `/etc/opa/opa.d/` | OPA config.d path |
|
|
| `openpolicyagent_config_file` | `/etc/opa/config.yml` | OPA configuration file path |
|
|
| `*_openpolicyagent_services` | `[]` | OPA Services |
|
|
| `*_openpolicyagent_labels` | `{}` | OPA Labels |
|
|
| `*_openpolicyagent_bundles` | `[]` | OPA Bundles |
|
|
| `*_openpolicyagent_plugins` | `{}` | OPA Plugins |
|
|
| `openpolicyagent_config_default_decision` | `/system/main` | OPA Default Decision configuration |
|
|
| `openpolicyagent_config_default_authorization_decision` | `/system/authz/allow` | OPA Default Authorization Decision configuration |
|
|
| `openpolicyagent_config_decision_logs` | `{}` | OPA Decision Logs configuration |
|
|
| `openpolicyagent_config_status` | `{}` | OPA Status configuration |
|
|
| `openpolicyagent_config_discovery` | `{}` | OPA Discovery configuration |
|
|
|
|
License
|
|
-------
|
|
|
|
BSD 2 Clause
|