History

Eric Kao fa10dbc919 Library policy for tag-based network security zone Change-Id: I0233d1560169605be8aa51a79d0e71ff596568ea		2017-12-12 16:11:11 -08:00
..
disallowed_flavors	Split disallowed flavor policy into monitor and remediation	2017-07-25 19:13:50 +00:00
disallowed_images	Fix rule in permitted image library policy	2017-10-31 19:00:48 +00:00
security_groups	Fix lib policies SecurityGroups and UnsafeTraffic	2017-07-31 18:31:52 -07:00
volume_encryption	Fix syntax and reference in lib policy volume encryption	2017-07-30 21:25:06 -07:00
cross_project_network.yaml	Fix CrossProjectNetwork lib policy	2017-07-31 18:28:17 -07:00
network_gateway.yaml	Fix network gateway lib policy syntax	2017-07-30 21:16:38 -07:00
README.rst	Final changes for pike RC1	2017-08-10 08:32:51 -07:00
tag_based_network_security_zone.yaml	Library policy for tag-based network security zone	2017-12-12 16:11:11 -08:00

Policy Library

Congress bundles a library of useful policies to help users get started.

For example, the library/volume_encryption/servers_unencrypted_volume.yaml identifies and warns on servers with unencrypted volumes attached.

../../../library/volume_encryption/servers_unencrypted_volume.yaml

The latest collection library policies can be found here: https://github.com/openstack/congress/tree/master/library

To import a library policy YAML file into Congress, use the following CLI command (python-congressclient version 1.8.0 or higher https://pypi.python.org/pypi/python-congressclient/).

$ openstack congress policy create-from-file <path-to-policy-yaml>