Skip to content

troubleshooting.md

Latest commit

 

History

History
75 lines (59 loc) · 3.17 KB

troubleshooting.md

File metadata and controls

75 lines (59 loc) · 3.17 KB

🛠️ Troubleshooting - Lab 38: Multi-Profile Policy Gate

This guide captures the common issues and recovery steps documented for the lab.

YAML parsing errors

(venv) toor@ip-172-31-10-174:~/policy-gate-lab$ python3 -c "import yaml; yaml.safe_load(open('config/profiles/healthcare.yaml'))"
{'profile': {'name': 'healthcare', 'industry': 'HIPAA-compliant', 'rules': [{'id': 'data_encryption', 'enabled': True, 'severity': 'critical', 'requirement': 'All PHI must be encrypted'}, {'id': 'access_logging', 'enabled': True, 'severity': 'high', 'requirement': 'Log all data access'}, {'id': 'data_retention', 'enabled': True, 'severity': 'medium', 'requirement': 'Healthcare records must not exceed retention policy', 'max_days': 2555}]}}

(venv) toor@ip-172-31-10-174:~/policy-gate-lab$ python3 -c "import yaml; yaml.safe_load(open('config/profiles/finance.yaml'))"
{'profile': {'name': 'finance', 'industry': 'PCI-DSS-compliant', 'rules': [{'id': 'data_encryption', 'enabled': True, 'severity': 'critical', 'requirement': 'Encrypt cardholder data'}, {'id': 'network_segmentation', 'enabled': True, 'severity': 'critical', 'requirement': 'Isolate payment networks'}, {'id': 'access_control', 'enabled': True, 'severity': 'high', 'requirement': 'Enforce strong password controls', 'min_password_length': 12}]}}

(venv) toor@ip-172-31-10-174:~/policy-gate-lab$ python3 -c "import yaml; yaml.safe_load(open('config/profiles/retail.yaml'))"
{'profile': {'name': 'retail', 'industry': 'general-commerce', 'rules': [{'id': 'data_encryption', 'enabled': True, 'severity': 'medium', 'requirement': 'Encrypt customer PII'}, {'id': 'rate_limiting', 'enabled': True, 'severity': 'low', 'requirement': 'Limit request volume to protect services', 'max_requests': 1000}]}}

Profile not switching

(venv) toor@ip-172-31-10-174:~/policy-gate-lab$ ls -la config/profiles/
total 20
drwxr-xr-x 2 toor toor 4096 Apr 12 19:58 .
drwxr-xr-x 3 toor toor 4096 Apr 12 19:58 ..
-rw-r--r-- 1 toor toor  420 Apr 12 19:58 finance.yaml
-rw-r--r-- 1 toor toor  474 Apr 12 19:57 healthcare.yaml
-rw-r--r-- 1 toor toor  283 Apr 12 19:58 retail.yaml
  • Verify the profile file exists in config/profiles/
  • Ensure the profile name matches the filename without .yaml

Enforcement not working

(venv) toor@ip-172-31-10-174:~/policy-gate-lab$ curl http://localhost:8080/status
{
  "active_profile": "retail",
  "industry": "general-commerce",
  "enabled_rules": [
    {
      "id": "data_encryption",
      "severity": "medium",
      "requirement": "Encrypt customer PII",
      "metadata": {}
    },
    {
      "id": "rate_limiting",
      "severity": "low",
      "requirement": "Limit request volume to protect services",
      "metadata": {
        "max_requests": 1000
      }
    }
  ],
  "total_rules": 2
}
  • Verify the active profile is set
  • Check that request data matches expected fields
  • Review server terminal output if needed

Port already in use

(venv) toor@ip-172-31-10-174:~/policy-gate-lab$ sudo lsof -ti:8080
8421

(venv) toor@ip-172-31-10-174:~/policy-gate-lab$ sudo lsof -ti:8080 | xargs -r kill -9

If needed, you can also change the port in api_gateway.py to run_server(port=8081).