Open Raven allows you to apply Policies to enforce your data security standards. This lets you to both audit and monitor your cloud infrastructure through Open Raven.

When any Policy Violations occur, you will receive notifications -- as well as the operational ability to take actions. You can find Policies under "Configuration."


Prerequisite - Asset Groups

Please ensure you know how to configure Asset Groups before setting Policies. Refer to Creating an Asset Group for more details

To simplify Policy monitoring and enforcement, Open Raven uses the idea of:

  1. Policy Set
  2. Policy Rule
  3. Policy Asset Group.

1. Policy Set

A Policy Set is simply a collection of Policy Rules.

Open Raven provides you with Default Policies to get you started. You can also create New Policy Sets by selecting and/or deselecting Policy Rules.

2. Policy Rule

A Policy Rule defines the conditions and definition of an individual Rule. An individual Rule is an array of Rules that each Asset is passed through. Each Rule will be based on, and evaluate, a single “Policy fragment” for a single Asset. If the Policy is in violation in any way, that will return a result.

Open Raven provides you with a list of Default Policy Rules. You can also Create a New Policy Rule by using the "Policy as Code" Rule Editor.

3. Policy Asset Group

A Policy Asset Group will identify which data-stores (data store groups) you want to apply your Policy Set to. Please refer to Create an Asset Group to create Asset Groups for your policy.

What’s Next