Skip to main content

OPA Runner Parameters

Step 5: Client config - OPA runner parameters (Optional)

If you are running with inline OPA (meaning OPAL client runs OPA for you in the same docker image), you can change the default parameters used to run OPA.

In order to override default configuration, you'll need to set this env var:

Env Var NameFunction
OPAL_INLINE_OPA_CONFIGThe value of this var should be an OpaServerOptions pydantic model encoded into json string. The process is similar to the one we showed on how to encode the value of OPAL_DATA_CONFIG_SOURCES.

Control how OPAL interacts with the policy store

Use the POLICY_STORE_* config options to control how OPAL-client interacts the policy store (e.g. OPA)

  • Use POLICY_STORE_POLICY_PATHS_TO_IGNORE to have the client ignore instruction to overwrite or delete policies. Accepting a list of glob paths, or parent paths (without wildcards) ending with "/**"