Define and apply governance policies in VMware Tanzu Platform hub
The governance guidance is based on based on a few governance goals. After you are familiar with the Tanzu Platform hub definition processes, you can begin to address your specific goals.
Governance goals and how to define them
To begin, determine the first goal that you want to address and use the procedure provided to familiarize yourself with the process. When you become familiar with defining and resolving the findings, you can leverage your new knowledge to define governance that is specific to your organizational needs.
| Goal | Governance process |
|---|---|
| An app owner, team, or SRE needs to ensure that their current resource configurations meet predefined industry or government benchmarks, such as CIS, PCI DSS, or ISO. | Apply a predefined Tanzu Platform hub governance benchmark |
| A security analyst needs to define rules and compliance frameworks that the app team must use. | Define Tanzu Platform hub governance for your resources |
What to read next
- Apply a predefined Tanzu Platform hub governance benchmark
As an application owner or SRE, you must ensure that your resource configurations meet a predefined industry standard or government benchmark such as CIS, PCI DSS, ISO, or others. The following steps show you how to create, edit, or clone a compliance framework and publish it. Then, you can apply a filter of the findings for the compliance framework. - Creating and using custom posture policies in Tanzu Platform hub
As an InfoSec analyst or administrator, you want to ensure that your resources have the correct configuration and remain configured over time to meet your organization’s security requirements. You can use the posture policies in Tanzu Platform hub to define, monitor, and report if a configuration does not match the defined policy.
Parent topic: Governing resources in VMware Tanzu Platform hub
