Skip to main content

EnforceAuth Getting Started

Deep dive after the 15-minute quickstart. For architecture decisions first, read Your Policy as Code journey.

Entity model

  • Organization — tenant-scoped root for policy ownership
  • System — deployable unit with policy source + bundle destination
  • Environmentsdevstagingprod promotion chain

See Entity model for hierarchy, inheritance, and deployability.

Policy source

Connect Git (GitHub today) with branch and policy_path. EnforceAuth builds OPA bundles on deploy.

See Policy sources for storage types, GitHub App setup, and environment overrides.

Bundle destination

Configure S3, GCS, or Azure Blob where PDPs fetch bundles.

See Bundle destinations for per-cloud fields and environment path overrides.

Deployments

Trigger manually, via GitHub Actions, or webhooks. Track runs on the Deployments page.

See Deployments for pipeline phases, promotion, and restore.

API keys

Service identities (OPA/EOPA instances) authenticate to send decision logs via API keys scoped to entities.

See API keys for scopes, PDP config, and rotation.

Console help

Use Help & Learning (rolling out under EA-701) and in-context ? guides linked from this documentation site.

Next