centersl/portainer-docs
1
0
Fork 0
mirror of https://github.com/portainer/portainer-docs.git synced 2026-03-27 04:48:31 +07:00
Code Issues Packages Projects Releases Wiki Activity

GITBOOK-4: Policies changes

Browse Source
This commit is contained in:
Hannah Cooper
2026-02-23 02:13:58 +00:00
committed by gitbook-bot
parent 204100c468
commit ba3e78e6e9
23 changed files with 31 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
admin/environments/groups.md
View File

@@ -12,11 +12,11 @@ Groups organize your environments in Portainer. As an example, you can create gr
Portainer Community Edition supports basic user and group assignments. For more complex user roles within groups, use Portainer Business Edition.
{% endhint %}
## Adding a group
## Creating a group
From the menu expand **Environment-related**, select **Groups**, then click **Add group**. 
<figure><img src="../../.gitbook/assets/2.37.0-add-group-gif.gif" alt=""><figcaption></figcaption></figure>
<figure><img src="../../.gitbook/assets/2.39-add-a-group.gif" alt=""><figcaption></figcaption></figure>
Define the properties of the group, using the table below as a guide.
@@ -41,10 +41,12 @@ Removing a group will not delete environments and users in that group. However,
## Manage policies of a group
[Policies](policies/) allow you to apply configuration, security rules, and cluster settings to groups of environments, rather than configuring each environment individually. Note that the policies feature is experimental and [must be turned on in settings](../settings/general.md#experimental-features) before it can be used.&#x20;
[Policies](policies/) allow you to apply configuration, security rules, and cluster settings to groups of environments, rather than configuring each environment individually.
To manage the policies of a group, in the menu expand **Environment-related** then select **Groups**. Locate the environment group you want to manage the policies for, then select **Manage policies** under the **Actions** table header. This will direct you to the [Policies](policies/) page where you can manage existing polices or create new policies.&#x20;
<figure><img src="../../.gitbook/assets/2.39-group-to-policy-nav.gif" alt=""><figcaption></figcaption></figure>
## Manage access to an environment group
{% hint style="warning" %}

24
admin/environments/policies/README.md
View File

@@ -6,12 +6,6 @@ metaLinks:
# Policies
{% hint style="warning" %}
Policies is part of the new Policy Based Management functionality which is considered a beta feature:\
\- To access this feature, enable **Policy Based Management** in the [additional functionality](../../settings/general.md#additional-functionality) section within the settings.\
\- Use this feature with caution and expect changes or additions as development continues.
{% endhint %}
{% hint style="warning" %}
Policies can only be applied to Edge (Standard) Agent environments that are of version 2.37.0 or greater.
{% endhint %}
@@ -20,17 +14,17 @@ Policies can only be applied to Edge (Standard) Agent environments that are of v
Policies can only be created in Portainer Business Edition.
{% endhint %}
Policies introduces a centralized configuration and policy inheritance as part of the Policy Based Management feature set. This allows you to apply configuration, security rules, and cluster settings to groups of environments, rather than configuring each environment individually. By defining settings once at the group level, all child environments inherit those values, helping you keep access consistent and reduce configuration drift. Any created policies will override existing environment level access.
Policies introduces a centralized configuration and policy inheritance as part of the Fleet Governance Policies feature set. This allows you to apply configuration, security rules, and cluster settings to groups of environments, rather than configuring each environment individually. By defining settings once at the group level, all child environments inherit those values, helping you keep access consistent and reduce configuration drift. Any created policies will override existing environment level access.
## Create a new policy
From the menu, under **Environment-related**, select **Policies** then select **Create policy**.
<figure><img src="../../../.gitbook/assets/2.38.1-create-policy.gif" alt=""><figcaption></figcaption></figure>
<figure><img src="../../../.gitbook/assets/2.39-Create-policy.gif" alt=""><figcaption></figcaption></figure>
There are multiple policy types available, depending on the environment type you are managing and the kind of access you want to enforce. You can use the search function or filter by environment type or policy category to narrow down the list.
After selecting a policy type, select **Continue** at the bottom of the page to open the configuration form. The fields shown will vary depending on the policy you are creating, and each form guides you through the required settings for that specific policy. Select an environment type below for more details on creating the policy.&#x20;
After selecting a policy type, select **Continue** at the bottom of the page to open the configuration form. The fields shown will vary depending on the policy you are creating, each form guides you through creation of that specific policy. Select an environment type below for more details on creating the policy.&#x20;
{% content-ref url="kubernetes-policies/" %}
[kubernetes-policies](kubernetes-policies/)
@@ -44,9 +38,9 @@ After selecting a policy type, select **Continue** at the bottom of the page to
From the menu, under **Environment-related**, select **Policies**. The policies page lists all existing policies. To see the details of an existing policy, click on the policy name.&#x20;
<figure><img src="../../../.gitbook/assets/2.28.1-Policy-details.gif" alt=""><figcaption></figcaption></figure>
<figure><img src="../../../.gitbook/assets/2.39-policy-details.gif" alt=""><figcaption></figcaption></figure>
Three tabs display the policy details: **Info**, **Attachments**, and **Settings**. These details are read-only for standard users and can be edited by admin users from this view.
Three tabs display the policy details: **Info**, **Attachments**, and **Settings**.
### Info
@@ -59,7 +53,7 @@ The **Info** tab displays general information about the policy setup.
| Policy Requirements | The policy requirements define the conditions an environment must meet to be added to this policy, such as the environment type and agent version. Currently, policies can only be applied to Edge (Standard) Agent environments running version 2.37.0 or later. |
| Last updated | The date and time that the policy was last updated. |
<figure><img src="../../../.gitbook/assets/2.38-Policy-details.png" alt=""><figcaption></figcaption></figure>
<figure><img src="../../../.gitbook/assets/2.39-policy-info.png" alt=""><figcaption></figcaption></figure>
### Attachments&#x20;
@@ -77,7 +71,7 @@ If a policy attachment fails, it is automatically retried every 15 minutes. If t
| Message | If the status is not Active, the displayed message explains why the policy could not be applied to the environment. |
| Last Attempt | The date and time the policy was last applied or attempted to be applied to the environment. |
<figure><img src="../../../.gitbook/assets/2.38.1-policy-attachments.png" alt=""><figcaption></figcaption></figure>
<figure><img src="../../../.gitbook/assets/2.39-policy-attachments-1.png" alt=""><figcaption></figcaption></figure>
### Settings&#x20;
@@ -85,6 +79,6 @@ The Settings tab shows the policy configuration. Settings vary by policy type. D
## Remove a policy
From the menu, under **Environment-related**, select **Policies**. Tick the checkbox next to the policy you want to remove then click **Remove**.
To remove a policy, from the menu, under **Environment-related**, select **Policies**. Tick the checkbox next to the policy you want to remove then click **Remove**.
<figure><img src="../../../.gitbook/assets/2.38.1-Remove-policy.gif" alt=""><figcaption></figcaption></figure>
<figure><img src="../../../.gitbook/assets/2.39-remove-policy.gif" alt=""><figcaption></figcaption></figure>

9
admin/settings/general.md
View File

@@ -157,12 +157,11 @@ After making changes to this section, click **Apply Changes**.
This section contains options for enabling and configuring additional functionality within Portainer.
| Field/Option | Overview |
| ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| Observability | <p>Toggle this on to enable the Observability feature. Enabling this will add a new menu section named <a href="../../user/observability/">Observability</a> to the left hand menu.<br>This feature is currently limited to alerting, with additional observability capabilities to be introduced in future updates.</p> |
| Policy Based Management | Toggle this on to enable the Policy Based Management feature. Enabling this will add a new menu item [policies](../environments/policies/) within the Environment-related menu. |
| Field/Option | Overview |
| ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| Observability | <p>Toggle this on to enable the Observability feature which is avaliable under <strong>Additional Functionality</strong> in the left hand menu.<br>This feature is currently limited to alerting, with additional observability capabilities to be introduced in future updates.</p> |
<figure><img src="../../.gitbook/assets/2.38-Additional-functionality.png" alt=""><figcaption></figcaption></figure>
<figure><img src="../../.gitbook/assets/2.39-additional-functionality.png" alt=""><figcaption></figcaption></figure>
## Experimental features