Profile uses OPA (Open Policy Agent) to centralize operational, security, and compliance.
Select organization for a better overview of Alerting Profiles.
Accessing the page you can see the overview of all created profiles with selected rules and associated projects.
Each profile can be:
/
Un/lock profile – if you lock the profiles, you can’t use them for new Project, edit or delete them
Delete – delete non-used and unlocked profiles
Update Profile – update policy profile
Make default – choose profile which will be then filled during project creation, lighter color indicates selected credentials
Add Policy Profile #
Name – choose name for the profile
Features:
Forbid NodePort
Forbid http ingresses
Require Probe
Add:
Allowed Repositories
Forbid Specific Tags
Ingress Whitelist
Add Profile to the Project #
You can add the profile during project creation – choosing from drop down selection.
Enforce Policies after the project is created. You can disable it the same way.
Warning
Please keep in mind that namespaces monitoring, velero and kube-system violate these policies.
