Create a router policy

A router policy is an explicit rule that governs access to the network data plane. This policy dictates which identities are authorized to connect to which routers to access the NetFoundry overlay network. This guide walks you through creating one.

Steps

  1. From the console, select your network from the dropdown in the left-hand menu.

  2. Click Policies from the same menu.

  3. Click the Router Policies tab.

  4. Click the plus icon (+) to open the Create New Edge Router Policy form.

  5. Fill in the required fields:

    • Edge Router Policy Name: Enter a unique name for the policy. For example, the name public can indicate that the policy grants access to all public, platform-hosted routers, which is the necessary first step for client identities to join the network.
  6. Configure the policy rules:

    • Select Edge Router Attributes: Enter the attributes or direct router references that define the routers this policy applies to (e.g., #us-east-routers).
    • Select Identity Attributes: Enter the attributes or direct identity references that define the identities authorized to connect to those routers (e.g., #employees).
  7. Configure the policy semantic:

    • Semantic: Select the logical operator for matching multiple rules:
      • AnyOf: Matches if the attributes meet any of the defined rule sets.
      • AllOf: Matches only if the attributes meet all of the defined rule sets.
  8. (Optional) Toggle Show more options to ON to configure custom tags:

    • Custom tags: Use the Name and Value fields to attach non-functional metadata to the policy for tracking or inventory purposes.
  9. Click Save.

    After clicking Save, the console displays the created policy and the tabs showing all associated router attributes and identity attributes.
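
The AnyOf and AllOf semantics from step 7, modeled as an added example (not NetFoundry's code and not part of the original guide): a small Python audit that lists which identities a policy would authorize on which routers, useful for reviewing how broad a policy is before saving it. The inventory, the names RouterPolicy, selects and authorized_pairs, and the rule that an empty field selects nothing are assumptions; only #attribute entries are modeled, not direct references.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class RouterPolicy:
    name: str
    router_attrs: frozenset    # "Select Edge Router Attributes" field
    identity_attrs: frozenset  # "Select Identity Attributes" field
    semantic: str = "AnyOf"    # "AnyOf" or "AllOf"

def selects(selector, entity_attrs, semantic):
    """True when an entity's attributes satisfy one side of the policy."""
    if not selector:
        return False  # assumption of this model: an empty field selects nothing
    if semantic == "AnyOf":
        return bool(selector & entity_attrs)  # at least one shared attribute
    if semantic == "AllOf":
        return selector <= entity_attrs       # every listed attribute present
    raise ValueError(f"unknown semantic: {semantic!r}")

def authorized_pairs(policy, identities, routers):
    """Sorted (identity, router) pairs that the policy authorizes."""
    ids = [i for i, a in identities.items()
           if selects(policy.identity_attrs, a, policy.semantic)]
    ers = [r for r, a in routers.items()
           if selects(policy.router_attrs, a, policy.semantic)]
    return sorted((i, r) for i in ids for r in ers)

# Constructed inventory (hypothetical names, not from a real network).
IDENTITIES = {
    "alice-laptop": frozenset({"#employees", "#engineering"}),
    "bob-laptop": frozenset({"#employees"}),
    "vendor-kiosk": frozenset({"#contractors"}),
}
ROUTERS = {
    "er-use1-a": frozenset({"#us-east-routers", "#public"}),
    "er-euw1-a": frozenset({"#eu-west-routers", "#public"}),
}
# Same attribute lists, different semantic: AllOf narrows the identity side.
ANY_OF = RouterPolicy("east-any", frozenset({"#us-east-routers"}),
                      frozenset({"#employees", "#engineering"}), "AnyOf")
ALL_OF = RouterPolicy("east-all", frozenset({"#us-east-routers"}),
                      frozenset({"#employees", "#engineering"}), "AllOf")

if __name__ == "__main__":
    for policy in (ANY_OF, ALL_OF):
        print(policy.name, policy.semantic, authorized_pairs(policy, IDENTITIES, ROUTERS))
```

With identical attribute lists, AnyOf admits every identity carrying either attribute, while AllOf admits only identities carrying both, so the choice of semantic directly changes how many identities reach the selected routers.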