Configuring Policy Settings

Policy settings manage the onboarding and offboarding process when a cluster is added to or deleted from the inventory. Configuring the policy automates the manual steps involved in integrating KUBE+ with the onboarded clusters and ensures data integrity and security when clusters are offboarded from KUBE+.

To configure policy settings:

  1. Go to Menu > KUBE+ > System Administration > Policy Settings.
  2. Configure the off-boarding policy as follows:
    1. Click Yes in the Enable Off-boarding Policy field.
    2. In the What needs to be Off-boarded from Cluster? section, select any of the following options as needed:

      • Revoke Certificates deployed - This option allows the removal of certificates associated with the cluster during the off-boarding process.

      • Revoke Issuer CA deployed - This option allows the removal of the issuer CA associated with the cluster during the off-boarding process.

    3. In the What needs to be Off-boarded from AppViewX Inventory? section, select any of the following options as needed:
      • Auto Manage Certificate Groups - When the namespace is deleted in the cluster, all the resources under the certificate group (auto created) including the certificate and under the namespace will be deleted.
      • Delete Certificate YAML - This option allows removing the certificate YAML from the AppViewX inventory.
      • Delete Issuer CA - This option allows removing the issuer CA from the AppViewX inventory.
      • Disassociate Policy - This option allows removing entry of cluster if policy is cluster wide. Otherwise, removes the namespace of the cluster.
      • Delete Certificates - This option allows removing the certificates associated with the cluster.
      • Delete Certificate Groups - This option allows removing the auto created certificate groups.
      • Delete Cluster - This option allows removing the cluster from the Cluster inventory.
  3. Configure the on-boarding policy as follows:
    1. Click Yes in the Enable On-boarding Policy field.
    2. Click Yes in the Enable Auto provision of PKI Policy field to onboard new clusters with automated policy and PKI configuration.
  4. Click Save.