diff --git a/content/nap-waf/v5/admin-guide/overview.md b/content/nap-waf/v5/admin-guide/overview.md index 71e040735..563b1e637 100644 --- a/content/nap-waf/v5/admin-guide/overview.md +++ b/content/nap-waf/v5/admin-guide/overview.md @@ -66,14 +66,6 @@ Use the [NGINX App Protect WAF Compiler]({{< ref "/nap-waf/v5/admin-guide/compil For signature updates, read the [Update App Protect Signatures]({{< ref "/nap-waf/v5/admin-guide/compiler.md#update-app-protect-signatures" >}}) section of the compiler documentation. -## Policy Lifecycle Management - -NGINX App Protect WAF v5 introduces Policy Lifecycle Management (PLM) as a comprehensive solution for automating the management, compilation, and deployment of security policies within Kubernetes environments. PLM extends the WAF compiler capabilities by providing a native Kubernetes operator-based approach to policy orchestration. - -The Policy Lifecycle Management system is architected around a **Policy Controller** that implements the Kubernetes operator pattern to manage the complete lifecycle of WAF security artifacts. The system addresses the fundamental challenge of policy distribution at scale by eliminating manual intervention points and providing a declarative configuration model through Custom Resource Definitions (CRDs) for policies, logging profiles, signatures, and user-defined signatures. - -For detailed information about PLM architecture, functional components, and deployment procedures, see [Policy Lifecycle Management Guide]({{< ref "/nap-waf/v5/admin-guide/policy-lifecycle-management.md" >}}). - --- ## Transitioning from NGINX App Protect WAF v4 to v5 diff --git a/content/nap-waf/v5/admin-guide/policy-lifecycle-management.md b/content/nap-waf/v5/admin-guide/policy-lifecycle-management.md index d650bf4cc..04a8e44b9 100644 --- a/content/nap-waf/v5/admin-guide/policy-lifecycle-management.md +++ b/content/nap-waf/v5/admin-guide/policy-lifecycle-management.md @@ -2,6 +2,7 @@ title: Policy Lifecycle Management weight: 200 toc: true +draft: true type: how-to product: NAP-WAF --- diff --git a/content/nap-waf/v5/configuration-guide/configuration.md b/content/nap-waf/v5/configuration-guide/configuration.md index 552bd64dc..7b01bac9e 100644 --- a/content/nap-waf/v5/configuration-guide/configuration.md +++ b/content/nap-waf/v5/configuration-guide/configuration.md @@ -1048,7 +1048,6 @@ This table summarizes the nginx.conf directives for NGINX App Protect WAF functi |load_module | load_module | NGINX directive to load the App Protect module. It must be invoked with the App Protect library path | Global | load_module modules/ngx_http_app_protect_module.so | |app_protect_enforcer_address | : | The Enforcer service address. | HTTP | app_protect_enforcer_address 127.0.0.1:50000; | |app_protect_enable | app_protect_enable on | off | Whether to enable App Protect at the respective context. If not present, inherits from the parent context | HTTP, Server, Location | app_protect_enable on | -|app_protect_default_config_source | app_protect_default_config_source | Directive to specify custom resource for policy/logging profile bundles. Currently, only "custom-resource" is supported, and it enables Policy Lifecycle Management functionality. See [Policy Lifecycle Management]({{< ref "/nap-waf/v5/admin-guide/policy-lifecycle-management.md" >}}) for more details. | HTTP | app_protect_default_config_source "custom-resource" | |app_protect_policy_file | app_protect_policy_file | Set a App Protect policy configuring behavior for the respective context. | HTTP, Server, Location | app_protect_policy_file /config/waf/strict_policy.tgz | |app_protect_security_log_enable | app_protect_security_log_enable on | off | Whether to enable the App Protect per-request log at the respective context. | HTTP, Server, Location | app_protect_security_log_enable on | |app_protect_security_log | app_protect_security_log | Specifies the per-request logging: what to log and where | HTTP, Server, Location | app_protect_security_log /config/waf/log_illegal.tgz syslog:localhost:522 |