This repository contains a Go library that performs two main functions:
- Parses IaC configurations
- Evaluates resources using Open Policy Agent
It also provides a small CLI that can be used to author and test policies.
go build
./policy-engine help
Additional documentation can be found in the docs
directory. The current
set of additional documents are:
- Policies specification
- Describes the structure and API for writing policies
- Policy authoring guide
- Contains a tutorial for authoring policies and instructions for writing policy tests
- Use as a library
- Describes how to use
policy-engine
as a Go library
- Describes how to use
- Notes for policy engine developers
- Describes processes and conventions for working on this repository
- Security
- Describes measures to take when policy-engine on untrusted inputs or code
Should you wish to make a contribution please open a pull request against this repository with a clear description of the change with tests demonstrating the functionality. You will also need to agree to the Contributor Agreement before the code can be accepted and merged.