Red Hat SummitConfigure enforcement points
After you have set up your Ansible Automation Platform instance to communicate with the OPA server, you can set up enforcement points where you want the policy to be applied.
Procedure
Copy linkLink copied!
You can associate a policy with a job template, an inventory, or an organization. Enforcement then occurs in the following ways:
- Organization
- Jobs launched from a template owned by an organization will fail if the policy is violated. This configuration provides broad control over automation within organizational boundaries.
- Inventory
- Jobs that use an inventory associated with a policy fail if the policy is violated. This configuration allows you to control access to specific infrastructure resources.
- Job template
-
Jobs launched from a template associated with a policy fail if the job violates the associated policy. This configuration provides granular control over specific automation tasks.
Note If you do not associate a policy with a resource, policy evaluation will not occur when you run the related job.
Associate a policy with an organization
Copy linkLink copied!
Learn how to associate a policy with an organization.
Procedure
Copy linkLink copied!
- From the navigation panel, select .
- On the Organizations page:
- To edit an existing organization, find the organization you want to edit and click the pencil icon
to go to the editing screen. - To create a new organization, click .
- To edit an existing organization, find the organization you want to edit and click the pencil icon
- In the field labeled Policy enforcement, enter the query path associated with the policy you want to implement. You must format the query path as
package/rule. - Click and then to save your settings.
Associate a policy with an inventory
Copy linkLink copied!
Learn how to associate a policy with an inventory.
Procedure
Copy linkLink copied!
- From the navigation panel, select .
- On the Inventories page:
- To edit an existing inventory, find the inventory you want to edit and click the pencil icon to go to the editing screen.
- To create a new inventory, click .
- To edit an existing inventory, find the inventory you want to edit and click the pencil icon
- In the field titled Policy enforcement., enter the query path associated with the policy you want to implement. You must format the query path as
package/rule. - Click if you are editing an existing inventory, or click if you are creating a new inventory.
Associate a policy with a job template
Copy linkLink copied!
Learn how to associate a policy with a job template.
Procedure
Copy linkLink copied!
- From the navigation panel, select .
- On the Automation Templates page:
- To edit an existing job template, find the job template you want to edit and click the pencil icon to go to the editing screen.
- To create a new job template, click .
- To edit an existing job template, find the job template you want to edit and click the pencil icon
- In the field titled Policy enforcement, enter the query path associated with the policy you want to implement. You must format the query path as
package/rule. - Click if you are editing an existing job template, or click if you are creating a new job template.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}