Skip to content
/ opa-policy-load-test Public

A project to test loading thousands of policies into OPA to mesure performance

License

MIT license
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

humbertoc-silva/opa-policy-load-test

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
policy-generator
policy-generator
 
 
policy
policy
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
input.json
input.json
 
 

Repository files navigation

opa-policy-load-test

A project to test loading thousands of policies into OPA to mesure performance

Instructions

Execute the pg.mjs Noje.js script informing the number of rules as an argument. The policy will be created inside the ./policy directory.

cd policy-generator
node pg.mjs 50000

Then load the policies into OPA

opa run -s -b ./policy

Use the input.json as an example of input data when asking OPA for authorization.

Example:

{
    "input": {
        "subject": {
            "role": "role_10000"
        },
        "resource": {
            "type": "resource_1000"
        },
        "action": "action_1000"
    }
}

And the expected result is the rule's name that authorize the action.

Example:

{
    "result": {
        "allow": {
            "title": "Rule 1000"
        }
    }
}

Below we have an example of a generated rule:

# METADATA
# title: Rule 0
# description: Rule 0...
allow := result if {
    input.subject.role == "role_0"
    input.action == "action_0"
    input.resource.type == "resource_0"
    annotation := rego.metadata.rule()
    result := {"title": annotation.title}
}

About

A project to test loading thousands of policies into OPA to mesure performance

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages