34 lines
1001 B
Plaintext
34 lines
1001 B
Plaintext
# StellaOps Policy Engine configuration template.
|
|
# Copy to ../etc/policy-engine.yaml (relative to the Policy Engine content root)
|
|
# and adjust values to fit your environment. Environment variables prefixed with
|
|
# STELLAOPS_POLICY_ENGINE_ override these values at runtime.
|
|
|
|
schemaVersion: 1
|
|
|
|
authority:
|
|
enabled: true
|
|
issuer: "https://authority.stella-ops.local"
|
|
clientId: "policy-engine"
|
|
clientSecret: "change-me"
|
|
scopes: [ "policy:run", "findings:read", "effective:write" ]
|
|
backchannelTimeoutSeconds: 30
|
|
|
|
storage:
|
|
connectionString: "mongodb://localhost:27017/policy-engine"
|
|
databaseName: "policy_engine"
|
|
commandTimeoutSeconds: 30
|
|
|
|
workers:
|
|
schedulerIntervalSeconds: 15
|
|
maxConcurrentEvaluations: 4
|
|
|
|
resourceServer:
|
|
authority: "https://authority.stella-ops.local"
|
|
requireHttpsMetadata: true
|
|
audiences: [ "api://policy-engine" ]
|
|
requiredScopes: [ "policy:run" ]
|
|
requiredTenants: [ ]
|
|
bypassNetworks:
|
|
- "127.0.0.1/32"
|
|
- "::1/128"
|