Skip to content
/ policy-testing-framework Public

This repository is the entry point to start with Attribute Base Access Control (ABAC) and Policy-as-code from Axiomatics.

docs.axiomatics.com/policy-testing-framework/

License

MIT license
3 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

axiomatics/policy-testing-framework

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

131 Commits
.github/workflows
.github/workflows
 
 
buildSrc
buildSrc
 
 
extra/exampleRequests
extra/exampleRequests
 
 
gradle/wrapper
gradle/wrapper
 
 
license
license
 
 
src
src
 
 
.gitignore
.gitignore
 
 
CODEOWNERS
CODEOWNERS
 
 
Dockerfile
Dockerfile
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
deployment.yaml
deployment.yaml
 
 
gradle.properties
gradle.properties
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
headers.json
headers.json
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

Axiomatics Policy Testing Framework

This repository is the entry point to start with Attribute Base Access Control (ABAC) and Policy-as-code from Axiomatics.

Documentation

Online documentation from Axiomatics is available at https://docs.axiomatics.com/policy-testing-framework/

ALFA introduction available at https://axiomatics.github.io/alfa-vscode-doc/docs/alfa-introduction/introduction/

Quick start

  1. Add the Axiomatics repository access keys, that you received from Axiomatics, in file gradle.properties
  2. Make sure your IDE, such as IntelliJ or Visual Studio Code has the necessary plugins for Java and Gradle projects
  3. Open this project in your IDE, it contains a sample project
  4. Execute target test to test your policies and attribute connectors
  5. Execute target buildAuthzDomain to build the authorization domain.
  6. Copy Axiomatics ADS license, that you received from Axiomatics, to license/ directory
  7. Execute target runAds to start the Access Decision Service locally
  8. Execute buildAdsDockerImage to build a docker image to the local docker registry

ALFA

A simple example allowing all consultants to access resources in their own location.

main.alfa

namespace acme {

    policyset Main {
        apply firstApplicable
        consultants.Main
    }
}

consultants.alfa

namespace consultants {
    policy Main {
        target
            clause user.role == "consultant"
        
        apply firstApplicable
        rule permitIfLocationsMatch {
            permit
            condition user.location == resource.location
        }
    }
}

Contact

Feel free to contact us at https://www.axiomatics.com if you have any questions

About

This repository is the entry point to start with Attribute Base Access Control (ABAC) and Policy-as-code from Axiomatics.

docs.axiomatics.com/policy-testing-framework/

Topics

abac axiomatics pbac policy-as-code rego-alternative

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

3 stars

Watchers

8 watching

Forks

2 forks
Report repository

Packages

No packages published

Languages