Sonatype CLM Server - Policy Management
- 1. Introduction
- 2. What is Sonatype CLM?
- 3. What is a Policy?
- 4. Organization and Application Management
- 5. Policy Development
- 6. Policy Creation
-
- 6.1. Getting Started
- 6.2. Step 1: Understand the Policy Intent
- 6.3. Step 2: Decide on a Descriptive Policy Name
- 6.4. Step 3: Choose an Appropriate Threat Level
- 6.5. Step 4: Choose the Application Matching Parameters
- 6.6. Step 5: Create Constraints with Conditions
- 6.7. Step 6: Set Policy Actions
- 6.8. Summary
- 7. Policy Elements
-
- 7.1. What is a Label?
- 7.2. Creating, Editing and Deleting a Label
- 7.3. Creating a Condition Based on a Label
- 7.4. What is a License Threat Group?
- 7.5. Creating, Editing, and Deleting a License Threat Group
- 7.6. Creating a Condition Based on a License Threat Group
- 7.7. Creating a Condition Based on an Unassigned License Threat Group
- 7.8. What is a Tag?
- 7.9. Creating, Editing, and Deleting Tags
- 7.10. Applying a Tag
- 7.11. Matching Policies to Specific Applications
- 7.12. Viewing Tag-based Policies
- 7.13. Summary
- 8. Manual Application Evaluation
- 9. Reviewing Evaluation Results
- 10. Importing Policies
- 11. Policy Monitoring
- 12. Conclusion
List of Figures
- 4.1. Using New Organization button
- 4.2. Using Global Create Button
- 4.3. Using New Application button
- 4.4. Using Global Create Button
- 5.1. Editing a Policy and its Attributes
- 6.1. Using New Policy Button
- 6.2. Using Global Create Button
- 6.3. Naming the Policy
- 6.4. Editing the Policy Threat Level
- 6.5. Example Constraint
- 6.6. Adding Constraints
- 6.7. Policy Actions Example
- 6.8. Setting Policy Actions
- 7.1. Using New Label Button
- 7.2. Using Global Create Button
- 7.3. Label Example
- 7.4. Creating a Label Condition
- 7.5. Using New License Threat Group Button
- 7.6. Using Global Create Button
- 7.7. Creating a License Threat Group
- 7.8. Creating a Condition Evaluating a License Threat Group
- 7.9. Creating a Condition Evaluating an unassigned License Threat Group
- 7.10. Example of Applied Tags
- 7.11. Using New Tag Button
- 7.12. Using Global Create Button
- 7.13. Creating a Tag
- 7.14. Example of Tags with Description
- 8.1. Evaluate an Application
- 8.2. Violations Report after Scan
- 9.1. Reporting Area
- 9.2. Application Area
- 9.3. Summary Tab of an Application Composition Report
- 9.4. Policy Tab of an Application Composition Report
- 9.5. Security Issues Tab of an Application Composition Report
- 9.6. License Analysis Tab of an Application Composition Report
- 9.7. Component Information Panel CIP for a Specific Component
- 9.8. Policy Section for a Specific Component Displayed on the Component Information Panel
- 10.1. Organization View with Import Button
- 10.2. Import Policy Dialog
- 11.1. Example of a Policy Monitoring Email
- 11.2. Access Application Management Area
- 11.3. Selecting a Sonatype CLM Stage to Monitor
- 11.4. Adding Email Recipient
- 11.5. Sample Email Notification