Skip to main content

Custom System Policy Authoring

Policy authoring with Custom systems allows you to write any Rego you want.

note

For more information on how to use Rego, see Open Policy Agent.

The Styra DAS Custom System gives you nearly the same flexibility as OPA when it comes to organizing your policies. These packages enable you to reuse code, collaborate, and delegate decisions across teams. It also allows you to use a single Styra DAS System to address many policy enforcement use cases.

Within a Styra DAS Custom System, you can organize your Rego policies and JSON data into a hierarchy. For example, you can put your Rego policies into files with a .rego extension (also called Rego modules), and put your JSON data into a Styra DAS Data Source.

For example, you may have a single file that declares a number of rules inside the package common.

package common

user_is_authenticated { ... }
user_is_admin { ... }

You can create a second file that uses the code within the first file, similar to how you work with OPA.

package api.retail

import data.common

allow { common.user_is_authenticated }
...

There are some limitations on which packages you can create or edit in a Styra DAS Custom System. You can create any package structure and extend the pre-built packages. In contrast, you must comply with the specific package names and file locations in the pre-built Styra DAS System types.