1. What is the nature and description of the request?

The customer requests an enhancement to the input data sent from Ansible Automation Platform (AAP) to Open Policy Agent (OPA) during policy enforcement.

Currently, AAP provides only high-level inventory metadata (inventory ID, name, total hosts, total groups) and a raw, unresolved limit value. The customer is requesting that AAP include resolved and explicit execution target data, such as:

include a list of hosts, a list of groups, or a translated limit field in the input data sent to OPA.

• • The list of hosts in the inventory

• • The list of groups in the inventory

• • The resolved list of hosts affected by the job when a limit is specified

This enhancement would allow OPA policies to evaluate execution rules without performing external API calls.

1. Why does the customer need this? (List the business requirements here)

The customer uses Policy as Code to strictly control job execution and enforce operational and security rules, including but not limited to:

• • Preventing execution on inventories with more than a defined number of hosts (e.g. >500)

• • Preventing cross-datacenter execution

• • Preventing cross-operating system execution

• • Preventing cross-environment execution

This negatively impacts performance, scalability, maintainability, and reliability of policy enforcement in production environments.

1. How would you like to achieve this? (List the functional requirements here)

The customer would like AAP to enrich the OPA input payload

This would allow OPA to make deterministic policy decisions without external dependencies or additional API calls.