Sonatype CLM Server - Policy Management
So you are ready to create your first policy. Great! If you have reached this point, it is important to be sure you have everything in place before you begin creating your own custom policies:
- Organizations and applications are set up as desired in the Sonatype CLM server.
- Users have been assigned to these organizations and applications with the proper roles to fulfill your security requirements.
- You have determined the risks that apply to your organization and/or applications.
If you haven’t done so, it’s also a good idea to write out the policies you want to create. While you will find the actual creation process is pretty easy, the more thought you put into your policies and their structure the better they will be.
Also, don’t forget, that once created, a policy needs to adjusted and modified over time. We refer to that more largely as Policy Management.
![]() |
|
Our instruction follow the process for creating a policy for an organization. This is where most of your policies will be created. However, if you need to create an application-specific policy, just substitute application for organization. |
We’ve decided to break policy creation into six total steps. Each step deals with a specific area of a policy and will be described in detail. Before you go to the first step, you should know there are two key ways to create a policy.
There is really no difference here, as both require that you have the organization or application open at the time of creation. The one advantage with using the Global Create button is that you can create no matter which tab of the currently selected organization or application you are in.