Policy

Introduction

The Policy Manager page shows a list of your policies. You can see the policy names, IDs, descriptions, when they were last updated, and which policies are active. From this view you can also create or add policies, as well as edit, copy, delete, or download policies.

alt text

Create a New Bundle.

Create a new policy and add it to the list of policies.

  1. To add a new policy , click Create New Bundle.

    create new policy button

  2. Enter a unique name, along with an optional (but recommended) description for your new policy.

    create policy name

  3. Click OK. Notice that when you create a new policy, it is populated with two policies. DefaultPolicy is for a container image, and DefaultSourcePolicy is for a source repository.

    default policies

  4. Start adding rules to your new policy. You can edit existing policies, add additional policies, add new mappings or edit existing mapping rules from either source repositories or container images, set up allow lists, or allowed/denied images for your policy.

Refresh a Policy

Click Refresh the Bundle Data if multiple users are accessing the Policy Manager, or if policy items are being added or removed through the API or AnchoreCTL then you may update the list of policies.

alt text

Rename a Policy

  1. Click Edit Name to rename the policy.

    alt text

  2. Enter the new name.

  3. Click the green check to rename the policy.

    alt text

Policy Status

As described in the Managing Policies page, only one policy may be set as active (default). The management view for each policy includes a status indicator to represent the current status.

This label shows that the policy is active and that changes will have an immediate effect on your policy evaluation.

This label shows that the policy is not currently active and that changes can be made without altering the policy evaluation output.

Click Policies, or use the browsers navigation buttons to navigate back to the list of Policies.

alt text

Edit Bundle Content

You can edit the components of the policy at any time, including the policies, allowlists, mappings, and allowed or denied images.

alt text

Policies tab:

Edit or add policies and policy rules. See the Policies section for more information.

alt text

Allowlists tab:

Edit or add allowlists associated with the policy. See the Allowlists section for more information.

alt text

Mappings tab:

Edit or add mappings and mapping rules. See the Policy Mappings section for more information.

alt text

Allowed / Denied Images tab:

Edit or add images that you want allowed or denied in a policy. Each of the policy elements can be edited by selecting the appropriate tab in the navigation bar. See the Allowed / Denied Images section for more information.

alt text

Last modified October 25, 2023