A zone, in Sysdig, is a collection of scopes that represent important areas of your business. For example, create a zone for your production environment, a staging environment, or a region.
Sysdig provides two zones by default:
- Entire Infrastructure: This is applied to connected data sources for posture evaluation. CIS policies and the Sysdig Kubernetes policy are automatically applied to the Entire Infrastructure and the findings are reported on the Compliance landing page.
- Entire Git: If you have configured IaC scanning with Git integrations in your development pipeline, the Entire Git zone is automatically applied to those source repositories. You can also create more targeted zones for selected Git sources, if desired.
To use other policies, you must apply them to zones.
Create and Configure a Zone
A completed Zone includes:
- Zone name and description
- Zone scope (the area of business to be included)
- Applied policies
Select Policies > Posture|Zones.
Click New Zone, enter a zone name and Description, and click
Define the Scope
Supported scope rules for each platform:
- Distribution (AKS, GKE, EKS, Vanilla Kubernetes)
- Cluster name
- Host (for Docker, Linux hosts)
- Git integration
- Git source(s)
Select one or more policies from the drop-down list.
Click Save. The zone will be listed with the Platform and number of applied policies on the Zones list page.
Note that if a policy is applied on zones that have no relevant resources to evaluate for that policy, results will not appear on the Compliance page.