| 694 | == ARGUS == |
| 695 | |
| 696 | __Base template__ : `machine-types/argus`. |
| 697 | |
| 698 | Argus is a system meant to render consistent authorization decisions for distributed services. It is composed of three components: |
| 699 | * the Policy Administration Point (PAP) component is in charge of authoring and managing authoring policies. It provides also the managed policies to other authorization service components. |
| 700 | * the Policy Decision Point (PDP) components receives authorization requests from the PEP and evalutes these requests against authorization policies retrieved from the PAP. |
| 701 | * the Policy Enforcement Point (PEP) checks the consistency of an authorization request and send the request to the PDP for evaluation. |
| 702 | |
| 703 | Argus requires specific configuration variables in the case where the three components are not running on the same host: |
| 704 | * `PAP_HOST`: host name of PAP server. |
| 705 | * `PDP_HOST`: host name of PDP server. |
| 706 | * `PEP_HOST`: host name of PEP server. |
| 707 | |
| 708 | Each component can be customized: |
| 709 | * `ARGUS_LOCATION`: base location of ARGUS services. Default: /opt/argus. |
| 710 | * `PAP_PORT`: PAP standalone service port. Default: 8150. |
| 711 | * `PAP_HOME`: home directory for the PAP service. Default: /opt/argus/pap. |
| 712 | * `PDP_PORT`: PDP standalone service port. Default: 8152. |
| 713 | * `PAP_HOME`: home directory for the PDP service. Default: /opt/argus/pdp. |
| 714 | * `PEP_PORT`: PEP service port. Default: 8154. |
| 715 | * `PEP_HOME`: home directory for the PEP service. Default: /opt/argus/pepd. |