Sonatype CLM Server - Policy Management
- 6.1. Getting Started
- 6.2. Step 1: Understand the Policy Intent
- 6.3. Step 2: Decide on a Descriptive Policy Name
- 6.4. Step 3: Choose an Appropriate Threat Level
- 6.5. Step 4: Choose the Application Matching Parameters
- 6.6. Step 5: Create Constraints with Conditions
- 6.7. Step 6: Set Policy Actions And Notifications
- 6.8. Summary
So you are ready to create your first policy. Great! If you have reached this point, it is important to be sure you have everything in place before you begin creating your own custom policies:
- Organizations and applications are set up as desired in the Sonatype CLM server.
- Users have been assigned to these organizations and applications with the proper roles to fulfill your security requirements.
- You have determined the risks that apply to your organization and/or applications.
If you haven’t done so, it’s also a good idea to write out the policies you want to create. While you will find the actual creation process is pretty easy, the more thought you put into your policies and their structure the better they will be.
Also, don’t forget, that once created, a policy needs to adjusted and modified over time. We refer to that more largely as Policy Management.