Skip to main content

Data Sources

OPA allows you to write context-aware policies that take into account the world in which they are deployed. It also allows you to inject arbitrary external data and use that data when making policy decisions.

The Custom system's Data source make it easy to inject external data and use that data when making policy decisions. You use the Styra DAS API to inject data into the Data source, and then use it when you write policies.

Once your policy starts using the data, both will be distributed to all of the OPAs connected to the system. Therefore, OPA will use that data in concert with policy to make decisions. OPA records those decisions in its decision log and includes a revision ID that points to the version of policy used to make the decision. The revision ID also includes a pointer to the version of the Data source JSON used to make the decision. As you update the Data source over time, the Styra DAS keep a historical record of the changes. When required, you can replay any decision you want using exactly the inputs, the policy, and any supporting JSON data that was used to make the decision originally.

Similar to JSON data with OPA, you can create a DAS Data source in the package hierarchy, or in its own separate path. When you create a Data source, you must choose the location within the package hierarchy where you want that data to exist.

Limitations

The data sources and policy packages have similar limitations as follows:

  1. No data source path may be a prefix of another data source path.

  2. No data source path may be a prefix of a policy package either.

  3. DAS supports up to 50 MB in data sources. For further assistance, use one of the following ways to contact the Styra support team:

    • Send an email to support@styra.com.

    • Chat with us: Go to styra-das-id.styra.com, click Control Plane >> ? icon and select @ Support button.

For example:

  • If you have a policy package api.retail then you may not have a data source api.retail or api.

  • If you have a policy package api.retail then you may have a data source api.oncall.

Use Git to Store Policies

You can store your policies in Git by configuring Git storage. Now, all your policies for that system are stored in Git. You may still use Data sources; however, that data will not be stored in Git. If you want your JSON data stored in Git, then you must replace your data source with a JSON file in your Git repository.

caution

You cannot edit your Git JSON file that appears in the Styra DAS.