You can create policy definitions to capture a custom set of rules that assess the compliance state of an application deployment.

About this task

Application Services includes the following predefined policy definitions.

  • Blacklist services - checks if an unwanted service is used in the blueprint node or logical template.

  • Memory policy - compares the node memory values against the defined minimum and maximum memory values.

  • CPU policy - compares the node CPU count values against the specified minimum and maximum memory values.

  • Max VM count policy - checks for the total number of virtual machine instances, with the exclusion of temporary virtual machines for external services, across all of the nodes in a deployment.

  • Mandatory services - checks if a blueprint node is missing the specified mandatory services.

Policies are visible to all business groups in their tenant, but are not visible in other tenants.

Prerequisites

  • Log in to Application Services as an application cloud administrator and an application publisher and deployer.

  • Familiarize yourself with the basic concepts of defining and configuring component properties and actions. See Developing Application Services Components.

  • To view examples about how to name or define a policy, select Library > Policies to view the predefined policy.

Procedure

  1. On the Application Services title bar, click the drop-down menu and select Library > Policies.
  2. Click New.
  3. Set the name of the policy, add a description, and click Save.

    Use a name associated to the policy definition for tracking purposes. For example, if the policy checks whether specific services are always applied to applications during deployment, you can list the service names in the description.

  4. Click Create Policy Version to create a policy version.

    You can create multiple versions for a policy.

    A page for creating a policy version opens.

  5. Complete the policy version information.

    The policy version name stays the same.

    1. Specify major, minor, or micro release versions, with or without qualifiers.

      For example, you might use version numbers such as 1.0, 1.5, or 1.0.1-CPU-Policy.

    2. (Optional) : In the Description section, describe the definitions in the policy. If the policy is based on a previous version, detail the differences between the two policy versions.
  6. For the Property Name and Description, define a variable and add an optional description.

    The property name cannot begin with a digit.

  7. To change the type, select a String or Array property type from the drop-down menu.

    You cannot add types to the menu.

  8. Type the value to substitute for this property when the script runs.

    For example, for a property called max_cpu_count, you might type 10 in this field to specify the maximum number of CPU allowed in an application.

  9. Select the Secured check box for passwords you define or to obscure the values of other properties.

    If a property is changed from Secured to Unsecured, Application Services resets the property value, for security purposes. You must set a new password value for the property.

  10. Click Delete to remove the selected row from the Properties section.
  11. (Optional) : Click Reset to revert to the original property value.
  12. Click OK and save your changes when you are finished.

Results

The policy you created is added to the page.

What to do next

Add a policy definition script to assess the compliance state of a deployment. See Create a Policy Definition Script.