| | 694 | == ARGUS == |
| | 695 | |
| | 696 | __Base template__ : `machine-types/argus`. |
| | 697 | |
| | 698 | Argus is a system meant to render consistent authorization decisions for distributed services. It is composed of three components: |
| | 699 | * the Policy Administration Point (PAP) component is in charge of authoring and managing authoring policies. It provides also the managed policies to other authorization service components. |
| | 700 | * the Policy Decision Point (PDP) components receives authorization requests from the PEP and evalutes these requests against authorization policies retrieved from the PAP. |
| | 701 | * the Policy Enforcement Point (PEP) checks the consistency of an authorization request and send the request to the PDP for evaluation. |
| | 702 | |
| | 703 | Argus requires specific configuration variables in the case where the three components are not running on the same host: |
| | 704 | * `PAP_HOST`: host name of PAP server. |
| | 705 | * `PDP_HOST`: host name of PDP server. |
| | 706 | * `PEP_HOST`: host name of PEP server. |
| | 707 | |
| | 708 | Each component can be customized: |
| | 709 | * `ARGUS_LOCATION`: base location of ARGUS services. Default: /opt/argus. |
| | 710 | * `PAP_PORT`: PAP standalone service port. Default: 8150. |
| | 711 | * `PAP_HOME`: home directory for the PAP service. Default: /opt/argus/pap. |
| | 712 | * `PDP_PORT`: PDP standalone service port. Default: 8152. |
| | 713 | * `PAP_HOME`: home directory for the PDP service. Default: /opt/argus/pdp. |
| | 714 | * `PEP_PORT`: PEP service port. Default: 8154. |
| | 715 | * `PEP_HOME`: home directory for the PEP service. Default: /opt/argus/pepd. |
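
Review bot: new line 713 repeats the name `PAP_HOME`, but its description ("home directory for the PDP service") and default (/opt/argus/pdp) belong to the PDP, so the list documents `PAP_HOME` twice with conflicting defaults and never names the PDP home variable. Going by the `PAP_HOME` / `PEP_HOME` pattern on lines 711 and 715, this should presumably read `PDP_HOME`; please check it against the template before merging. Smaller wording points in the same hunk: line 699 says "managing authoring policies" where "authorization policies" looks intended, and "provides also" reads better as "also provides"; line 700 has "components receives" and "evalutes" (for "component receives" and "evaluates"); line 701 has "send" for "sends". Since line 703 introduces the `*_HOST` variables for the case where the components run on different hosts, it would also help to say what they default to when everything runs on one host.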