docs: merge tracee policies and filtering #3618
Conversation
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
docs/docs/events/overview.md
Outdated
There was a problem hiding this comment.
I think the entire page needs to be rewritten, let's pair on this
docs/docs/policies/index.md
Outdated
| @@ -7,7 +9,7 @@ Lastly, policies require a scope. The scope details which resources the policy a | |||
|
|
|||
| You can load multiple (up to 64) policies into Tracee using the --policy flag providing a path to the policy file. | |||
|
|
|||
| Following is a sample policy: | |||
| Following is a sample policy for the Tracee Kubernetes usage: | |||
There was a problem hiding this comment.
no that's actually a valid policy regardless of k8s
There was a problem hiding this comment.
this is not specific to Kubernetes? So you would use this policy file as such through Tracee config?
with the following Kubernetes sections?
apiVersion: tracee.aquasec.com/v1beta1
kind: Policy
metadata:|
|
||
| Through Querying the Tracee Configmap, users can access the default configuration and apply changes: | ||
| ```console | ||
| kubectl edit ds/tracee -n tracee-system |
There was a problem hiding this comment.
you talk about querying the ConfigMap but show how to edit a workload. (also s/querying/editing/)
There was a problem hiding this comment.
*"Tracee Configmap that is part of the Daemonset"
There was a problem hiding this comment.
I believe it will be a separate ConfigMap in the Operator
docs/docs/policies/index.md
Outdated
|
|
||
| ## Tracee CLI Policy configuration | ||
|
|
||
| Applying Tracee Policies in the CLI is further detailed within the [filtering section.](./filtering) |
There was a problem hiding this comment.
actually, you can use a policy file on the cli as well
There was a problem hiding this comment.
https://aquasecurity.github.io/tracee/dev/docs/config/overview/ should I link here? we should add an example onto this page -- what do you think?
There was a problem hiding this comment.
Also, I have a bit of an issue with the ways Policies can be applied/changed through Tracee --
The Policy section details https://aquasecurity.github.io/tracee/dev/docs/policies/ providing an example Policy for Kubernetes
And tracee can also be configured in the CLI through flags and the --config command which is detailed here: https://aquasecurity.github.io/tracee/dev/docs/config/overview/
Under Config in the docs -- so I could link to it from the Policies section
Here is my issue, also under Config in the docs, is detailed how to Configure Tracee in Kubernetes but that example seems very specific to configuring Tracee, not to applying policies https://aquasecurity.github.io/tracee/dev/docs/config/kubernetes/
So, it would be a bit confusing to link to the Config section from the Policies overview section -- what do you think of
Adding to the Policy Overview section an example of creating a config file for the CLI to modify policies and providing it through the --config flag and then saying for "further options on using the --config flag and configuring Tracee logs" to look at the Config section of the docs
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
|
I am closing this particular PR for now because I am working on a new branch on a new version based on the pairing with Itay last week. Will link it here once I have a WIP PR. |
Based on the following issue: #3607
Merging the policies and filtering section of the docs