The CI/CD policies inventory includes both out-of-the-box and custom policies.
To access the inventory:
Under Modules, select → .
In the filter panel, select → .
The following list describes the policy fields/properties exposed in the inventory table. Select Table Settings Menu to view and add additional properties to the table.
Properties/attribute | Description |
|---|---|
Policy Name | The name of the CI/CD policy |
Status | Whether the policy is enabled or disable |
Description | A description of the CI/CD policy |
Scan Type | CI/CD Risks is the immutable value |
Conditions | The specific criteria that trigger the policy |
Actions | Actions to take when the policy detects its target risk |
Scope | The assets to be evaluated by the policy |
Trigger | Trigger types that define when the condition will be evaluated. Options include Periodic scan, Pull Request scan and CI scan |
Last Triggered | The last time that the policy was triggered |
Created By | The user or entity that created the policy |
Modified by | The user or entity that modified the policy |
Modification Time | The timestamp of the most recent change to the policy |
Open Issues | The amount of issues detected by the policy that remain unresolved |
Expanded policy details
Selecting a policy opens a side panel where you can review additional details:
Metadata:
Policy details: Name and description of the policy
Policy ownership: Information on the policy's creator and last modifier
Note
To view all out-of-the-box (OOTB) policies, filter by
Policy Owner = System.Timestamps: The last time the policy was modified and last triggered
Scope: The asset type the policy applies to, along with a table summarizing the policy conditions, trigger, and actions, displayed as follows:
When: The trigger that initiates the policy action, such as Periodic, Pull Request, or CI scans
If: Conditions that are applied to the policy. For example:
(Finding Type = CI/CD Risks) AND (Severity = Critical)Then: Triggered actions for the policy, such as Create issue and Block PR