After applying project attributes to your projects, you can create policies that apply to those attributes. Projects and policies are linked based on the attributes assigned to the policy.
A policy can be applied to one or multiple project attributes; but a set of attributes can only be assigned to one policy. For example, if there is already a policy applied to
Frontend, you cannot create another policy that matches only these exact attributes.
Reminder: Policies assigned to project attributes apply when running snyk monitor in the CLI, assuming it runs on a CLI project with project attributes applied. Project attribute policies do not apply to snyk test.
To add an attribute, click on the desired attribute checkbox(es) from the attribute selector panel.
To remove an attribute from a policy, uncheck the desired attribute checkbox(es) from the attribute selector panel.
To be associated with a policy, a project must have all the attributes listed on the policy (the project could also have more attributes that are not listed on the policy).
For example, if you have a policy assigned to
Frontend, this policy applies to projects which includes those same attributes, but not to a project with the attributes
Here is our sample policy:
Here is a project that will inherit the policy:
Here is a project that will not inherit the policy:
It is possible that more than one policy can be apply for a project. For example, if you have a policy assigned to
External and another policy assigned to
Production. If you have a project that has the attributes
Production, it could apply to either of these policies!
If more than one policy can be associated with a project, the order of the policies on the policy manager page determines precedence. The policy closest to the top of the list takes precedence over other applicable policies below it. To change the order of policies, either drag and drop the policies into the right order, or use the ... button on the right hand side to move the policy up or down in the list.