Policy Examples

Flagging appeared keys

To easily find keys that have been added outside Key Manager, you can create a policy that flags all appeared keys. (For more information about configuring policies, see Enforcing Policies in the Managed Environment.)

To create the policy, go to the Policies→Policy Rules page and create a new rule. Select the Forbidden authorizations rule type. When creating the rule, enable the rule to also target private keys, and change the filtering so that the rule targets appeared keys.

Once the policy is in effect, all appeared keys found during validation are flagged. Note that the keys targeted by the policy will be 0% compliant, since there is no way for keys flagged by this policy to be compliant.
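
To illustrate what "appeared" means outside the product, the following added example (not Key Manager code, and not a description of how its validation works) compares the keys in an `authorized_keys` file against an inventory of managed key fingerprints and reports those that are not in it. The function names, the inventory format (a set of SHA256 fingerprints) and the sample keys are assumptions constructed for this example.

```python
import base64, hashlib, re, struct

KEY_TYPE = re.compile(r"^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-\S+|sk-\S+@openssh\.com)$")

def split_fields(line):
    """Split on whitespace, keeping double-quoted option values in one field."""
    fields, cur, in_quotes, prev = [], "", False, ""
    for ch in line.strip():
        if ch == '"' and prev != "\\":
            in_quotes = not in_quotes
        if ch.isspace() and not in_quotes:
            if cur:
                fields.append(cur)
            cur = ""
        else:
            cur += ch
        prev = ch
    return fields + ([cur] if cur else [])

def fingerprint(line):
    """OpenSSH-style SHA256 fingerprint of the key on the line, or None if no well-formed key."""
    fields = split_fields(line)
    for i in range(len(fields) - 1):
        if not KEY_TYPE.match(fields[i]):
            continue
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except ValueError:
            continue
        name = fields[i].encode()
        if blob.startswith(struct.pack(">I", len(name)) + name):
            digest = hashlib.sha256(blob).digest()
            return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    return None

def appeared_keys(text, managed):
    """Return (line number, fingerprint) for keys absent from the managed inventory."""
    flagged = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fp = None if line.lstrip().startswith("#") else fingerprint(line)
        if fp is not None and fp not in managed:
            flagged.append((lineno, fp))
    return flagged

def sample_line(seed, options=""):
    # Constructed test material: a correctly framed ssh-ed25519 blob, not a real key.
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes([seed]) * 32
    return f"{options}ssh-ed25519 {base64.b64encode(blob).decode()} constructed-{seed}"

SAMPLE = "\n".join(["# constructed file", sample_line(1), sample_line(2, 'command="echo ssh-rsa x",no-pty ')])
```

With `sample_line(1)` treated as the only managed key, `appeared_keys(SAMPLE, {fingerprint(sample_line(1))})` reports the key on line 3, even though its options field contains text that looks like a key type.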