Syncro will be releasing a highly requested feature later this month, the Applied Policy Report. This new report allows you to determine what endpoints are utilizing a particular policy within their Policy Inheritance structure.
You’ll be able to run reports against a single policy to see which assets currently have it in use, and you’ll be able to filter by Customer if need be. You’ll even be able to run this against Saved Asset Searches as well.
I want to try and understand what this report is actually showing, in the circumstance of many policies being utilized to create an effective policy for assets.
Will this report list an asset if the policy queried against plays any part in the effective policy?
Or will the report only list the asset if the entire policy is ‘in use’, meaning it survived any explicit ‘denys’ as part of the effective policy reconciliation? Meaning, if any policy inheritance contains a deny that overrules any aspect of the policy name being queried, will the asset appear in the output of this report?
Another way of asking: does the policy only need to effectively be applied fractionally, or in whole to appear on this report?
It means if the selected policy is included in the makeup of an Asset’s “Effective Policy,” it will be displayed here. Whether or not any or all of those elements are overridden are irrlevant to whether or not they will appear on the report.
Does that makes sense?
It does, are there any future plans to be able to report on all assets which effectively have any one particular policy feature (or selection of features) enabled?
There are no plans to do that.