View and apply Auto-discovered Policies
Auto Discovery is a policy recommendation system that suggests network and system policies based on the collected network and system logs respectively.
Currently, Auto-Discovery can discover (i) egress/ingress network policy for Pod-to- Pod, (External)Service, Entity, CIDR, FQDN, HTTP. And In the System perspective, it can discover (ii) process, file, and network-relevant system policy.
View Auto Discovered Policies.¶
You can filter Auto Discovered Policies using the following filters:
Cluster:- Filter Policies by clusters belonging to your workspace.
Namespace: Filter Policies by namespaces belonging to selected clusters
Policy-Type: Filter Policies by Policy types. There are 3 Policy types. (i) Network-Ingress (ii) Network-Egress (iii) System Policy
Category: Category will give the status of the policies. There are 2 categories.
Used: When the Policy is applied from the Auto Discovered Policy Screen, It will go to All Policy Screen and Category will be changed to Used. You can list all used policies with the used category.
Ignore: You can list all ignored policies using this filter.
Apply Auto Discovered Policies.¶
- Select one or more policies from the list
Note: The default screen will show all unused policies.
- Click the “Action” button on the top right corner.
There are 3 Actions that can be performed. (i) Apply (ii) Ignore (iii) Deselect all
- Click Apply. Then Policy will be applied to the cluster. Applied Policy will go to pending approval.
- Click on the “Go to the Pending Approval” screen and Approve the policy.
Note: You need Administrative permission to approve policies.
- Approved Policy will appear on All Policies Screen.