Open seenu433 opened 2 years ago
@qpetraroia
Hi @seenu433, I just wanted to share that today, you can view the compliance/non-compliance status on Azure Policy's Portal. We are also actively investing in a feature that will expose Gatekeeper violation messages (for both audit and denials) on Azure Policy's aggregated compliance dashboard, as well as surfacing component compliance status in Azure Resource Graph for users to create custom reports.
Happy to share more about our investments to see if it meets the needs mentioned above. Feel free to contact policypm@microsoft.com.
Action required from @Azure/aks-pm
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
@seenu433 does this answer your question?
Action required from @Azure/aks-pm
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
**Is your feature request related to a problem? Since Guardrails policies may include both audit and deny actions, it is important to surface both audit and denials for the cluster admin to understand/visualize the enforcement of the action. Though the gate keeper logs may have these details, it is extremely cumbersome to skim through the host of logs to understand if the guardrail is effective and attempts if any to violate the policy.
Describe the solution you'd like Provide a dashboard with the details on the audit/denial instances so that admins can
Describe alternatives you've considered Need to run through the gatekeeper pod logs and create custom workbooks to surface the detail required.
Since Azure policy cannot surface the denials, a such feature for Guardrails can be a differentiator.