Oso Cloud supports multiple environments so that you can test changes to your policy/facts without impacting your users. This guide will cover the basics of working with environments in Oso Cloud.
Before going through this guide, make sure you follow the Oso Cloud Quickstart to get your Oso API Key(s).
Each environment in Oso Cloud has a different set of API keys, which you can control from the dashboard. You can't see API keys after you've generated them, so make sure to save API keys in a secure location. If you ever lose or need to rotate your API keys, you can revoke and generate new keys from the dashboard.
To access a different environment using the Oso Cloud CLI, you can change the
OSO_AUTH variable in your shell session:
$ export OSO_AUTH=<dev_api_key> $ oso-cloud policy == Policy: policy.polar == ... your development policy... ... $ export OSO_AUTH=<staging_api_key> $ oso-cloud policy == Policy: policy.polar == ... your staging policy... ...
API keys come with two levels of access,
Read Write and
Read Only. You'll be asked to specify one of these when
you create a new key.
Read Write keys are able to access all resources in Oso Cloud. These can be useful in development
environments or for apps and services that need to be able to write facts and update policies as well as authorize actions.
Read Only keys are only able to read facts and authorize actions. These can be useful if you have apps or services
that only need to perform authorization, but do not write to Oso Cloud.
Talk to an Oso Engineer
Our team is happy to help you get started with Oso Cloud. If you'd like to learn more about using Oso Cloud in your app or have any questions about this guide, schedule a 1x1 with an Oso engineer.