Logo Sonatype CLM The CLM Book - Optimized Component Lifecycle Management with Sonatype CLM
Documentation Index
Sonatype CLM Downloads
Release Notes
Document Descriptions and PDFs
Upgrade Instructions
Requirements

Sonatype CLM Server
Installation and Configuration
Security Administration
Policy Management
Dashboard
Application Composition Report
REST APIs

Sonatype CLM for...
Bamboo
CLI
Hudson and Jenkins
IDE
Maven
Nexus
SonarQube

The CLM Book (All Guides)
Optimized Component Lifecycle Management with Sonatype CLM

The CLM Book - Optimized Component Lifecycle Management with Sonatype CLM

Chapter 3. Sonatype CLM Policy Management

3.1. Introduction
3.2. What is a Policy?
3.2.1. Basic Policy Anatomy
3.2.2. Organizations, Applications and Inheritance
3.2.3. Summary
3.3. Organization and Application Management
3.3.1. Organizational Structure
3.3.2. Creating an Organization
3.3.3. Creating an Application
3.3.4. Organization, Application, and Inheritance
3.3.5. The Power of Inheritance
3.3.6. Avoiding Policy Micromanagement
3.3.7. Permissions and Roles
3.3.8. Summary
3.4. Policy Development
3.4.1. Advanced Anatomy of a Policy
3.4.2. Risk and Organizational Intent
3.4.3. Summary
3.5. Policy Creation
3.5.1. Getting Started
3.5.2. Step 1: Understand the Policy Intent
3.5.3. Step 2: Decide on a Descriptive Policy Name
3.5.4. Step 3: Choose an Appropriate Threat Level
3.5.5. Step 4: Choose the Application Matching Parameters
3.5.6. Step 5: Create Constraints with Conditions
3.5.7. Step 6: Set Policy Actions
3.5.8. Summary
3.6. Policy Elements
3.6.1. What is a Label?
3.6.2. Creating, Editing and Deleting a Label
3.6.3. Creating a Condition Based on a Label
3.6.4. What is a License Threat Group?
3.6.5. Creating, Editing, and Deleting a License Threat Group
3.6.6. Creating a Condition Based on a License Threat Group
3.6.7. Creating a Condition Based on an Unassigned License Threat Group
3.6.8. What is a Tag?
3.6.9. Creating, Editing, and Deleting Tags
3.6.10. Applying a Tag
3.6.11. Matching Policies to Specific Applications
3.6.12. Viewing Tag-based Policies
3.6.13. Summary
3.7. Manual Application Evaluation
3.7.1. Evaluating via the CLM Server
3.7.2. Successful Evaluations and Report Generation
3.7.3. Summary
3.8. Reviewing Evaluation Results
3.8.1. Accessing the Application Composition Report
3.8.2. Reviewing the Report
3.8.3. Summary
3.9. Importing Policies
3.9.1. Sonatype Sample Policy Set
3.9.2. Importing a Policy to an Organization
3.9.3. Importing a Policy to an Application
3.9.4. Summary
3.10. Policy Monitoring
3.10.1. Setup Policy Monitoring for an Application
3.10.2. Configuring Notification Times
3.10.3. Summary
3.11. Conclusion