Creating Rules

The rule builder allows you to automate the configuration of cluster policies and map the issuer CA to the cluster. Additionally, you can also automate the pushing of the issuer CA.

Prerequisites

Enable Onboarding Policy: Go to Menu > SYSTEM ADMINISTRATION > Policy Settings and enable the Enable On-boarding Policy toggle button. This will allow the rule builder to configure the cluster policy to the cluster and map the issuer CA.
Auto Provisioning: If required to automate the pushing of the issuer CA settings to the cluster, enable the Enable Auto provision of PKI Policy toggle button under Menu > SYSTEM ADMINISTRATION > Policy Settings.

To create a rule using the rule builder:

Go to Menu > KUBE+ > AUTOMATION > Rules.
The Rule : Access Control page is displayed.
Click Create Rule.
The Rules : Create page displayed.
On the Rule Details section, do the following actions:
1. In the Rule Name box, enter a name for the rule.
2. (Optional) In the Description box, enter additional information about the rule.
On the Rules section, configure the rules as follows:
1. From the default rules list, click Query or Script of Kube On-boarding Rule.
2. When you click on Query - The Rule builder :: Kube Rule, popup window opens:
  - Select a cluster policy from the Cluster Policy drop-down option.
  - Select an issuer CA from the Issuer CA drop-down option.
  - AND or OR condition for monitoring the dynamic tagging of clusters
  - Click Add Filter and select the field information from the drop-down list.
  - (Optional) Add filter group by clicking Add filter Group and then select the field information from the drop-down list.
3. Click Save.
  Note:
  - To discard the changes, click Cancel.
  - To clear the details, click Reset.
Go to the Rule inventory page, enable the Status toggle button against the desired rule.
This activates the rule. You can also disable this rule, if it is not required by disabling the Status toggle button.

What's Next

Configuring Policy Settings