Manager |
Partner
Overview
Policy Profile uses OPA (Open Policy Agent) to centralize operations, security, and compliance.
When accessing the page, you can see an overview of all created profiles with selected rules and associated Projects.
| Icon | Action |
|---|---|
 / | Lock/unlock – only unlocked profiles can be used in Projects |
 | Delete – remove any unlocked profile |
 | Update – edit Policy profile |
 | Make default – automatically use this profile during Project creation |
Add Policy Profile
When adding a new Policy Profile, specify the following parameters:
- Name – choose a name for the profile
- Features
- Forbid NodePort
- Forbid HTTP ingresses
- Require Probe
- Add
- Allowed Repositories
- Forbid Specific Tags
- Ingress Whitelist
Add Profile to a Project
You can add the Profile during Project creation by checking “Add Policy Profile” from the drop-down selection.
Enforce Policies after the Project is created. You can disable it the same way.
Note
Please keep in mind that namespaces Monitoring, Velero, and Kube-system violate these policies