Applying governance policies to clusters using TMC
In the previous section of the chapter, we learned how to get started with TMC by registering a TKG management cluster, creating a TKG workload cluster, attaching a GKE cluster, and finally, grouping them – but why do we bring all the clusters to TMC? In this section, we will check this out by performing various activities with these clusters using the TMC interface. We will cover the following activities:
- Configuring a security policy for a cluster group
- Configuring an image registry governance policy for a Workspace
- Configuring a deployment governance policy for a cluster group
- Checking policy violation status for clusters
- Inspecting a cluster for CIS benchmark compliance
This is a long list of activities to cover in this section. Let’s knock them off one by one.
Configuring a security policy for a cluster group
When it comes to running containers, several things can be misconfigured...