PDP Deployments
The Policy Decision Point (AKA PDP) is responsible for making authorization decisions and is typically installed and maintained in your environment. build.security PDP can run in a variety of architectures.
In order for the decision engine to work, it is required:
  1. 1.
    Communicate with a build.security control plane to:
  • Pull the latest up-to-date project configuration changes
  • Send decision logs.
  1. 1.
    Communicate with your organizational databases on which the decisions rely.
  2. 2.
    Communicate with the applications which are based on the decision engine in enforcing permissions (detailed in the PEP section).
Policy Decision Points

Environment Variables

Following is a list of environment variables that you can use to configure a PDP at runtime:
Environment variable name
description
API_KEY
API key used by the PDP to authenticate with the build.security control plane
API_SECRET
API secret used by the PDP to authenticate with the build.security control plane
CONTROL_PLANE_ADDRESS
Control plane address used by the PDP
PDP_LOG_LEVEL
The PDP log level. debug / error. Default is error.
BUNDLE_COMMIT
The Git commit SHA used for pulling specific policies. This feature assumes git integration is enabled as the control plane needs the ability to pull and serve the specific policies and configurations to the PDP.

Supported Environments

To deploy your PDP properly, use the relevant installation instructions for your environment.
Last modified 9mo ago