This topic explains how to create Build Assurance Policies and perform other operations relating to them.

View Build Assurance Policies

To view the Build Assurance Policies:

  1. In the Supply Chain Security module, from the left menu, click Build Assurance Policies. A list of all existing Assurance Policies is shown.
  2. Click the name of the policy to open the policy for review or editing.

Add a Build Assurance Policy

  1. In the Build Assurance Policies page, click Add Policy at the top right of the page.
  2. Enter the name of the policy. Allowed characters are uppercase and lowercase English letters, digits, dashes, and underscores.
  3. (Optional) Enter a Description of the policy.
  4. To add scope, select resource type, property, and value and click Add. You can add multiple scope terms as required. For more information on the, refer to Build Assurance Policies.
  5. (Optional) Switch the policy status on or off, as required.
  6. Select the Enforcement Mode as either Audit or Enforce to collect audit logs for the policy evaluation results or enforce building code if the policy fails the repository, respectively.
  7. If you select the Audit mode, click + Set Scheduler to specify days to switch the policy from the Audit to Enforce mode. If you do not specify days for switching, the policy will automatically be switched to Enforce mode after one day.
  8. In the Controls section, click controls from the list on the left pane, to include them in the policy. For more information on the controls, refer to Build Assurance Policies Overview.
  9. Click Save.

Modify a Build Assurance Policy

  1. In the Build Assurance Policies page, Select a policy from the list.
  2. Make changes to the policy definition, as necessary. To remove a control that is included in a policy, click the X next to it.
  3. Click Save.

Delete Build Assurance Policies

You can delete any or all Assurance Policies. To delete a policy, check the box next to the policy or policies to be deleted, and then click the Delete button.

Export Build Assurance Policies

Exporting and importing Assurance Policies is useful especially for distributing policies from one Aqua environment to another. One or multiple Assurance Policies can be exported to a JSON file 

To export the Assurance Policies, select the box next to the policy (or policies) that you want to export (or check the box next to Name column, to select all policies), and then click the Export button. The selected policies will be exported to a JSON file with a standard file name (which you may want to rename).

Import Build Assurance Policies

To import all the Assurance Policies from a JSON file (produced per the Export instructions above):

  1. In the Build Assurance Policies page, click the Import button at the top right of the page. Import Assurance Policies dialog appears.
  2. In the Import Assurance Policies dialog, click the Attachment icon.
  3. Browse the JSON file from your machine whose policy (or policies) that you want to import.
  4. If you do not want the import to replace the existing Assurance Policies with the same name, select Do not replace existing policies.
  5. Click Import.