enterprise/flex-auth integration layer

2026-05-04 17:54:52 +02:00
parent e33f296bdb
commit 6cb3b7b172
17 changed files with 1240 additions and 23 deletions
--- a/examples/policy/enterprise-policy-map.yaml
+++ b/examples/policy/enterprise-policy-map.yaml
@@ -0,0 +1,58 @@
+id: markitect-enterprise-policy-map
+issuer: https://sso.example.test/realms/netkingdom
+audiences:
+  - markitect-tool
+defaults:
+  allowed_labels:
+    - public
+  trust_zones:
+    - public
+groups:
+  /markitect/readers:
+    allowed_labels:
+      - public
+      - internal
+    trust_zones:
+      - public
+      - internal
+    actions:
+      - read
+      - query
+      - search
+  /markitect/stewards:
+    allowed_labels:
+      - public
+      - internal
+      - restricted
+    trust_zones:
+      - public
+      - internal
+      - restricted
+    actions:
+      - read
+      - query
+      - search
+      - package
+      - export
+roles:
+  viewer:
+    actions:
+      - read
+      - query
+      - search
+scopes:
+  markitect:read:
+    actions:
+      - read
+      - query
+      - search
+trust_zones:
+  internal:
+    required_groups:
+      - /markitect/readers
+  restricted:
+    required_groups:
+      - /markitect/stewards
+metadata:
+  owner: flex-auth
+  version: example