Policy Basics
Basic Policy
# This is effectively the name of the policy.
# It must be "policy".
package policy
import data.phylum.level
import future.keywords.contains
import future.keywords.if
# METADATA
# scope: rule
# schemas:
# - data.issue: schema.issue
issue contains "risk level cannot exceed medium" if {
data.issue.severity > level.MEDIUM
}
This is a basic policy using an issue
rule to block any HIGH/CRITICAL issues.
The issue
rule will contain the specified text when the if
statement is true
. OPA
iterates through the job input data evaluating the expression against the severity and the level.
Updated about 1 month ago