Open Policy Agent (OPA)

Type: middleware.http.opa

Status: alpha

Reference: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-opa/

Example

apiVersion: cra.diagrid.io/v1beta1
kind: Component
metadata:
  name: <name>
spec:
  type: middleware.http.opa
  version: v1
  metadata:
    # The Rego policy code that will be evaluated for each request. The policy package must be http and the policy must set data.http.allow
    - name: rego
      value: ""
    # The status code to return for denied responses (Optional)
    #- name: defaultStatus
    #  value: "403"
    # Comma-separated set of case-insensitive headers to include in the request input. Request headers are not passed to the policy by default. Include to receive incoming request headers in the input (Optional)
    #- name: includedHeaders
    #  value: "x-my-custom-header, x-jwt-header"
    # Controls whether the middleware reads the entire request body in-memory and make it available for policy decisions (Optional)
    #- name: readBody
    #  value: "false"

Metadata

`rego` (string)

Required - The Rego policy code that will be evaluated for each request. The policy package must be http and the policy must set data.http.allow

`defaultStatus` (number)

The status code to return for denied responses

Default value: 403

Example value: 403

`includedHeaders` (string)

Comma-separated set of case-insensitive headers to include in the request input. Request headers are not passed to the policy by default. Include to receive incoming request headers in the input

Example value: x-my-custom-header, x-jwt-header

`readBody` (string)

Controls whether the middleware reads the entire request body in-memory and make it available for policy decisions

Example value: false

Example​

Metadata​

rego (string)​

defaultStatus (number)​

includedHeaders (string)​

readBody (string)​