Static Policies

Static policies will help you to maintain strict guidelines for a deployment pipeline by allowing users to validate the application configuration while creating an application in spinnaker through a policy.

Create Policy

To create a new policy follow the steps below:

1. Click “Compliance” → Click “Policy Management” → “+New Policy” button as shown below:

2. The Policy Management screen appears and select "Static" policy type as shown below:

Enter the following details:

• Enter the Name of the policy in the text box.

• Select the Policy type as Static from the drop-down.

• Select the Policy Engine as OPA from the drop-down.

• Select the Policy Engine Account from the drop-down.

• Enter the Policy Description in the text box.

• Select and add any available Policy file.

• Enter the Policy Details in the text box. Refer to the image below:

The Policy details is explained below:

• A rule is defined as the user's ability to choose the beginning of the application name. For Example, the application name must begin with “prod” as shown below.

deny["No Manual Judgement Stages"] {
 count(input.new.stages)>0
 startswith(input.new.name,"prod")
 manualStages := [d | d = input.new.stages[_].type; d == "manualJudgment"]
 count(manualStages) == 0
 }

• A rule is defined as requiring the user to have full execute permissions (Read, Execute, Write).

deny["Pipeline has no start time"] {
  startTime == 0
}

3. After entering the details click “Save & Finish” to create the policy as shown in the image below:

Edit Policy

To edit a policy follow the steps below:

1. Click the icon beside the name of the policy and select Edit as shown in the image below:

2. Edit the required details and click Save & Finish.

Delete Policy

To delete a policy follow the steps given below:

1. Click the icon beside the name of the policy and select Delete as shown in the image below:

2. The confirmation pop-up appears as shown below:

3. Click Yes, delete it! to delete the policy.