Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: fix docs issues #251

Merged
merged 1 commit into from
Jul 26, 2024
Merged

chore: fix docs issues #251

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 6 additions & 6 deletions authorization/overview.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ It's up to you to define the policies that make sense for your organization. Dur
The context provided to OPA includes the following fields:

- `input.authentication`: The authentication information for the request. These are specific to each authentication provider/method and can include things like the user's roles, email, etc.
- `input.request`: The incoming request details, such as the `namespace`, `resource`, and `verb`.
- `input.request`: The incoming request details, such as the `namespace`, `resource`, and `action`.

### Authentication Information

Expand Down Expand Up @@ -157,7 +157,7 @@ Roles or groups are not a requirement for writing policies. You can write polici

### Request Information

The `input.request` field contains information about the incoming request. This includes the `namespace`, `resource`, and `verb` of the request.
The `input.request` field contains information about the incoming request. This includes the `namespace`, `resource`, and `action` of the request.

- `namespace`: The [namespace](/concepts#namespaces) in Flipt of the resource being accessed. If no namespace is provided, the default namespace is used, or it is not applicable as the resource is not namespace scoped (e.g. authentication)

Expand All @@ -180,7 +180,7 @@ The `input.request` field contains information about the incoming request. This
- `distribution`: Access to segment [distribution](/concepts#distributions) resources.
- `token`: Access to client token resources.

- `verb`: The action being performed on the resource. This can be one of:
- `action`: The action being performed on the resource. This can be one of:
- `create`: Access to create resources.
- `read`: Access to list or read resources.
- `update`: Access to update resources.
Expand All @@ -193,7 +193,7 @@ Here's an example of the `input.request` field for a request to list flags in th
"namespace": "default",
"resource": "flag",
"subject": "flag",
"verb": "read"
"action": "read"
}
```

Expand All @@ -209,7 +209,7 @@ default allow := false
allow if {
input.request.namespace == "default"
input.request.resource == "flag"
input.request.verb == "read"
input.request.action == "read"
}
```

Expand All @@ -227,7 +227,7 @@ allow if {
"IT" in claims.groups
input.request.namespace == "default"
input.request.resource == "flag"
input.request.verb == "delete"
input.request.action == "delete"
}
```

Expand Down
2 changes: 1 addition & 1 deletion configuration/overview.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ flipt --config s3://bucket-name/path/to/config.yml

For authenticating with the object storage service, you can use the following environment variables depending on the service:

- `AWS_ACCESS_KEY_ID` and `AWS_SECRET`
- `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`
- `AZURE_STORAGE_ACCOUNT` and `AZURE_STORAGE_KEY` or `AZURE_CLIENT_ID`, `AZURE_TENANT_ID`, and `AZURE_CLIENT_SECRET`
- `GOOGLE_APPLICATION_CREDENTIALS`

Expand Down
Loading