The underpinning of Aserto's authorization model is a policy.
Policies are authored, stored, and versioned as code in a
Currently, GitHub is the only supported source for policy repositories. More to come!
When you click on “Add a policy”, you'll go through a short workflow to select a git repository for your policy, and name that policy in the Aserto console.
The first step is to select a connection to a source code control system. If you don't have any yet, follow the instructions to create one.
In the next step, you'll be asked to select an organization & repo. Unless you already have a GitHub repository with the right GitHub Actions for building and pushing a policy image, select the “New (using template)” radio button, and select one of the templates.
Name your new repository with the prefix
policy- (for example,
policy-peoplefinder). This will
clone the template to the organization and repository name that you selected. The repository will
have the right GitHub Action installed, so that when you tag a commit, a new policy image will
automatically be built and pushed to the Aserto Registry. See the Policy Lifecycle
topic for more information.
Finally, name your policy with a descriptive name (e.g. peoplefinder).
Simply click the
x in the top right corner of the policy to remove it. Note that removing a policy
from your Aserto tenant doesn't remove the policy repository. To remove the repository from your git
provider, use that provider's API or UI.