Policy Profiles
Automatically enforce, monitor, and remediate policies
Profile uses OPA (Open Policy Agent) to centralize operational, security, and compliance.
Accessing the page you can see the overview of all created profiles with selected rules and associated projects.
Each profile can be:
Add Policy Profile
Name - choose name for the profile
Features:
Forbid NodePort
Forbid http ingresses
Require Probe
Add:
Allowed Repositories
Forbid Specific Tags
Ingress Whitelist
Add Profile to the Project
You can add the profile during project creation - choosing from drop down selection.
Enforce Policies after the project is created. You can disable it the same way.
Please keep in mind that namespaces monitoring, velero and kube-system violate these policies.
Last updated