Configuring Policy Settings

Policy settings manage the onboarding and offboarding process when a cluster is added to or deleted from the inventory. Configuring the policy automates the manual steps involved in integrating KUBE with the onboarded clusters and ensures data integrity and security when clusters are offboarded from KUBE.

To configure policy settings:

  1. Go to Menu > KUBE > System Administration > Policy Settings.
  2. Configure the off-boarding policy as follows:
    1. Click Yes in the Enable Off-boarding Policy field.
    2. In the What needs to be Off-boarded from Cluster? section, select any of the following options as needed:

      • Revoke Certificates deployed - This option allows the removal of certificates associated with the cluster during the off-boarding process.

      • Revoke Issuer CA deployed - This option allows the removal of the issuer CA associated with the cluster during the off-boarding process.

    3. In the What needs to be Off-boarded from AppViewX Inventory? section, select any of the following options as needed:
      • Auto Manage Certificate Groups - When the namespace is deleted in the cluster, all the resources under the certificate group (auto created) including the certificate and under the namespace will be deleted.
      • Delete Certificate YAML - This option allows removing the certificate YAML from the AppViewX inventory.
      • Delete Issuer CA - This option allows removing the issuer CA from the AppViewX inventory.
      • Disassociate Policy - This option allows removing entry of cluster if policy is cluster wide. Otherwise, removes the namespace of the cluster.
      • Delete Certificates - This option allows removing the certificates associated with the cluster.
      • Delete Certificate Groups - This option allows removing the auto created certificate groups.
      • Delete Cluster - This option allows removing the cluster from the Cluster inventory.
  3. Configure the on-boarding policy as follows:
    1. Click Yes in the Enable On-boarding Policy field.
    2. Click Yes in the Enable Auto provision of PKI Policy field to onboard new clusters with automated policy and PKI configuration.
  4. Click Save.