TechQA.

Hiding an object from output in Rego Policy

238 views Asked by At

I created a Rego Policy but I would like to hide some of the objects from the output of the Rego.

Lets take this simple Rego as an example.

package cats

default cats := false

cats{
input.cat == my_cats[_]}

my_cats:= {
"Pumpkin Spice",
"Dr Meow"
}

Input:

{
    "cat": "Pumpkin Spice"
}

Output:

{
    "cats": true,
    "my_cats": [
        "Dr Meow",
        "Pumpkin Spice"
    ]
}

I would like to hide the my_cats Object from the Output, while only keeping the cat.

There is the mask functionality, but I couldn't get it to work since I think it's only supposed to working with the content of the input.

Is there any way to accomplish this?

policy open-policy-agent rego
Original Q&A
1

There are 1 answers

0
Devoops On

The response you get depends on what you query for. So if you query the cats rule, you'd get only true back. You can test this with e.g. opa eval -d policy.rego 'data.cats.cats'

The first element following data would be the package (cats), and the next element the rule in that package (also named cats).

If you're using the Rego Playground for evaluation, you can simply select the rule and the "Evaluate" button will change to "Evaluate Selection", which will evaluate only the rule if selected.

Related Questions in POLICY

Related Questions in OPEN-POLICY-AGENT

Related Questions in REGO

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions