Security Policies
Last updated
Last updated
Security Policies are the rules of traffic that are allowed or not allowed in your cluster. Following the you should only allow the traffic necessary for you service to work. ClusterWare automatically generates certain policies to manage and secure your infrastructure. In addition to the automatically created policies, you have the option to create custom policies to further restrict access to your infrastructure.
External: External tag indicates that this policy comes from the same server, but in a different cluster on your account. Servers with the same hostname and port created in different clusters share their Security Policies. This allows you to reuse the same server in different clusters and apply cluster-specific Security Policies seamlessly.
Incoming/Outgoing default: ClusterWare by default blocks all incoming traffic and allows all outgoing traffic from the server.
Allow SSH from ClusterWare: All servers are included in this policy allowing ClusterWare to access them and collect insights surfaced in the ClusterWare Console.
Allow from Internet to Load Balancer: For each server hosting a Load Balancer ClusterWare generates a policy allowing incoming traffic from the Internet to the Load Balancer server on the specified port.
Allow From Load Balancer to Applications: For each server hosting a Load Balancer ClusterWare generates a policy allowing outgoing traffic from the Load Balancer server to all Applications in the cluster.
The three-dot menu in the top right corner of the card provides additional actions for the policy:
Delete: Permanently removes the Security Policy from the cluster.
Auto: This policy is automatically generated by ClusterWare. See
: Edit the Security Policy configuration details.
: The button is located at the bottom of the page. It allows the user to add a new Security Policy to the cluster.
