Cluster Policy

Cluster Policy enforces security prerequisites, standardizes certificate issuance, and ensures compliance, all while promoting secure certificate management practices throughout your clusters.

On the Cluster Policy page:
  • To refresh the list, click the (refresh) icon.

  • To go to other pages, click the (navigation) icon.

  • To change how many rows are shown, hover the mouse over the number of rows displayed on the page; the Show popup opens, where you choose the number of rows to be displayed on the page.

Why is Cluster Policy Essential?

Cluster Policy is your toolbox of rules and guidelines that you set up to manage the safe issuance of SSL/TLS certificates within your Kubernetes cluster. AppViewX offers various ways to ensure that these policies are followed when certificates are issued.
  • CA Setting [Namespace Specific Policy Enforcement] - The CA Setting policy type is used to configure a dedicated CA and manage how certificates are issued within a namespace. This gives application teams working in a specific namespace access to their dedicated CA to request certificates for their unique domains.

  • CA Setting Cluster [Cluster-wide Policy Enforcement] - The CA Setting Cluster policy type is applied when application teams deploy workloads across the entire cluster. This policy type manages certificate issuance and CA configuration regardless of where the applications are located. It ensures seamless issuance of certificates from the enforced Certificate Authority and defined Policy, maintaining cluster-wide security and consistency.
  • Cluster Policy also lets you define the namespaces in which certificate discovery is disabled. For example, users can define a regex like `kube-*` to prevent certificate discovery in any namespace starting with `kube`, such as `kube-system`.
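
A discovery-exclusion pattern such as `kube-*` selects different namespaces depending on whether it is evaluated as an unanchored regex, an anchored regex, or a shell-style glob, and this page does not state which applies. The following is an added example, not AppViewX code: the namespace list, function names and the four matching modes are assumptions, used to preview what a pattern would exclude so that no namespace drops out of certificate discovery unintentionally.

```python
import fnmatch
import re

# Constructed sample namespaces (not taken from any real cluster).
SAMPLE_NAMESPACES = [
    "kube-system", "kube-public", "kube", "kubeflow",
    "my-kube-tools", "payments", "default",
]


def excluded_namespaces(pattern, namespaces, mode):
    """Return the namespaces a discovery-exclusion pattern would match.

    mode selects the matching semantics. All four are assumptions about
    how a policy engine might evaluate the pattern:
      "search"    - regex, may match anywhere in the name
      "match"     - regex, anchored at the start of the name only
      "fullmatch" - regex, must match the whole name
      "glob"      - shell-style wildcard over the whole name
    """
    if mode == "glob":
        return [ns for ns in namespaces if fnmatch.fnmatchcase(ns, pattern)]
    if mode not in ("search", "match", "fullmatch"):
        raise ValueError(f"unknown mode: {mode}")
    matcher = getattr(re.compile(pattern), mode)
    return [ns for ns in namespaces if matcher(ns)]


def compare(pattern, namespaces=SAMPLE_NAMESPACES):
    """Map each matching mode to the namespaces it would exclude."""
    return {mode: excluded_namespaces(pattern, namespaces, mode)
            for mode in ("search", "match", "fullmatch", "glob")}


if __name__ == "__main__":
    # The second pattern is an explicitly anchored regex for comparison.
    for pat in ("kube-*", r"^kube-.*$"):
        print(f"pattern {pat!r}")
        for mode, hits in compare(pat).items():
            print(f"  {mode:9} -> {hits}")
```

Run against the namespace list of the target cluster, the output shows whether workload namespaces such as `kubeflow` or `my-kube-tools` would be excluded along with the system namespaces.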

The cluster policy inventory list includes the following information:

Table 1. Column and Description table

| Column Name | Description |
|---|---|
| Name | Unique policy name to be associated with one or more clusters. The special characters (-) and (_) are allowed. A maximum of 255 characters is allowed. |
| Type | Type of cluster policy. |
| Created By | User ID of the policy creator. |
| No. of Clusters | Count of clusters associated with the policy. |
| No. of Namespace | Count of namespaces associated. |
| Last Updated At | Last updated timestamp. |
| Edit | Allows you to modify the clusters and namespaces associated with the policy. |