Creating a new policy
This topic describes how to create a new, custom policy to add to your policy library.
Create a policy by performing the following tasks:
The policies are written as code in YAML, so they can be easily authored as well as stored and compared using common version control tools. The policy authoring sandbox makes it easy to modify one of the standards based compliance policies (for example, CIS for Docker Containers) or create a new policy from scratch. If a new technology is introduced, you can extend the base connector to retrieve and send the new data. Any data that can be captured or converted to JSON format, can be evaluated with the powerful policy engine.
Creating the custom policy
To create your new policy, you need to have a JSON resource feed file and a YAML policy file.
To create the custom policy, complete the following steps:
- On the Cloud Security Dashboard, click Manage > Policies.
- Click Authoring Sandbox. The Authoring Sandbox is displayed.
- In the Resource JSON section, do one of the following:
- Click Create New, and then create a new-resource.json file in the text area.
- Click Select File and select a JSON that contains resource information.
- In the Policy YAML section, do one of the following:
- Click Create New, and then create a new-policy.yaml file in the text area.
- Click Select File and select a YAML file that contains policy information.
- When creating the policy, note the following key expressions and operators to make sure they reflect the goal of the policy:
resourceSpec - Instructs the policy how to parse the list of resources (expression), how to parse each resource’s display name (nameExpression), and the type of resources (typeExpression).
exportedVariables- Instructs the policy which variables to show for a specific resource.
severity- Defines whether a rule is displayed as Low(1-4), Medium(5-6), High(7-8) or Critical(9+).
ruleExpression - Defines how the policy determines if a resource is compliant or non-compliant. For more information about the expressions and operators, see Authoring policies.
- Once you have the YAML file in place, you can validate the content using the Validate Rules and Validate for Compliance options above the Policy YAML section. To view the results of the validation process, click the Results option in the bottom left section of the screen.
- Click Status to ensure that both files are valid.
- Click Save Policy to File in the respective sections to save each of the new files and make them available to the library, as highlighted below.
Adding the policy to the library
To add your new custom policy to the list of available policies, do the following:
- Navigate to the Manage Policies screen.
- Choose Import Policy > Import from disk.
- Specify the location where you saved your policy YAML file.
- On the Add Custom Policy dialog box, specify a name for the policy.
Note: The newly added policy might not appear on the screen immediately. Refresh the screen to view it.