How do I configure scope in Automation Service Broker policies

When you create a policy, you specify its scope to determine how the policy is applied. You can assign the policy to the whole organization, to multiple projects within the organization, or to a single project.

The scope options are the same for all policy types. After you create a policy, you cannot change the scope.

The following table provides more information about the application of each scope option.


Option	Project Criteria	Application
Organization/Multiple Projects	No	Organization. If no project criteria is defined, the policy is applied to all deployments in the organization.
Organization/Multiple Projects	Yes	Multiple projects. If you define project specific criteria, the policy is applied to deployments associated with the projects that meet the specified criteria.
Project	Select a project.	Single project. The policy is applied only to deployments associated with the project that you select.

Setting policy scope to multiple projects

If you want to apply a policy to multiple projects in your organization, you set the policy scope to Organization/Multiple Projects and specify project specific criteria.

Example of a project criteria expression as it appears in the UI.

When you define project criteria, you can filter projects based on project name, description, and ID.

Project criteria work in the same way as deployment criteria. For more information about constructing criteria, see How do I configure deployment criteria in Service Broker policies.

The following table gives more information about how you can use each property to refine the scope of your policy.


Property	Supports these operators	Example
Project description	equals not equal to matches Regex contains	You create a policy and you want to limit the application to developer projects in the organization that you administer. You set the scope to Organization/Multiple Projects and you add a project description expression that looks like the following example. Project description contains dev AND Project description contains test
Project ID	equals not equal to	You want to apply a policy only to two or three projects, you set the scope to Organization/Multiple Projects and you add a project ID expression that looks like the following example. Project ID equals proj123 OR Project ID equals proj456 OR Project ID equals proj789
Project name	equals not equal to matches Regex contains	You want to limit a policy to test projects in your organization, you set the scope to Organization/Multiple Projects and you add a project name expression that looks like the following example. Project name matches Regex (t\|T)est.*