Trait PolicyDecisionPoint 

pub trait PolicyDecisionPoint: Send + Sync {
    // Required method
    fn authorize<'life0, 'life1, 'async_trait>(
        &'life0 self,
        req: &'life1 ConnectionRequest,
    ) -> Pin<Box<dyn Future<Output = Result<Decision>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait,
             'life1: 'async_trait;
}

The slice of secureops-policy’s PDP that the egress PEP requires.

Implemented by the concrete policy engine in secureops-policy and injected by secureops-daemon. Kept as a trait so this PEP never compiles against the engine’s internal types.

Required Methods

fn authorize<'life0, 'life1, 'async_trait>(
    &'life0 self,
    req: &'life1 ConnectionRequest,
) -> Pin<Box<dyn Future<Output = Result<Decision>> + Send + 'async_trait>>
where
    Self: 'async_trait,
    'life0: 'async_trait,
    'life1: 'async_trait,

Authorize a single outbound connection (PRODUCT.md B.5 step 2-3).

Implementations MUST be fail-closed: on internal error they should surface it so the PEP can apply FailMode::Closed rather than silently allowing.
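
The fail-closed contract above, as an added sketch that is not code from secureops: a PDP that surfaces a policy-store failure as `Err`, and a PEP that treats that error as a block under `FailMode::Closed`. The type definitions, the `String` error type, the `FailMode::Open` variant, `AllowList`, `enforce` and `block_on` are hypothetical stand-ins, and the trait is written with a single lifetime in place of the `async_trait` expansion.

```rust
use std::future::{ready, Future};
use std::{pin::Pin, sync::Arc, task::{Context, Poll, Wake, Waker}};

// Hypothetical stand-ins; the real types live in the secureops crates.
pub struct ConnectionRequest { pub host: String, pub port: u16 }
#[derive(Debug, PartialEq)] pub enum Decision { Allow, Deny }
#[derive(Debug, PartialEq, Clone, Copy)] pub enum FailMode { Closed, Open } // Open: assumed
pub type PdpFuture<'a> = Pin<Box<dyn Future<Output = Result<Decision, String>> + Send + 'a>>;

pub trait PolicyDecisionPoint: Send + Sync {
    fn authorize<'a>(&'a self, req: &'a ConnectionRequest) -> PdpFuture<'a>;
}

/// Constructed engine: `rules` is None when the policy store failed to load.
pub struct AllowList { pub rules: Option<Vec<(String, u16)>> }
impl PolicyDecisionPoint for AllowList {
    fn authorize<'a>(&'a self, req: &'a ConnectionRequest) -> PdpFuture<'a> {
        let result = match self.rules.as_ref() {
            None => Err("policy store unavailable".to_string()), // surfaced, never Allow
            Some(rules) => {
                let hit = rules.iter().any(|(h, p)| *h == req.host && *p == req.port);
                Ok(if hit { Decision::Allow } else { Decision::Deny })
            }
        };
        Box::pin(ready(result)) // a real engine would await I/O here
    }
}

struct NoopWake;
impl Wake for NoopWake { fn wake(self: Arc<Self>) {} }
/// Minimal executor so the example needs no async runtime.
fn block_on<T>(mut fut: Pin<Box<dyn Future<Output = T> + Send + '_>>) -> T {
    let waker = Waker::from(Arc::new(NoopWake));
    let mut cx = Context::from_waker(&waker);
    loop { if let Poll::Ready(v) = fut.as_mut().poll(&mut cx) { return v; } }
}

/// PEP side: returns true only when the connection may proceed.
pub fn enforce(pdp: &dyn PolicyDecisionPoint, req: &ConnectionRequest, mode: FailMode) -> bool {
    match block_on(pdp.authorize(req)) {
        Ok(decision) => decision == Decision::Allow, // only an explicit Allow passes
        Err(_) => mode == FailMode::Open,            // FailMode::Closed blocks on error
    }
}

fn main() {
    let req = ConnectionRequest { host: "api.example.com".into(), port: 443 };
    println!("store down, fail-closed: allowed = {}", enforce(&AllowList { rules: None }, &req, FailMode::Closed));
}
```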

Dyn Compatibility

This trait is dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety".
