Policy Store
Last updated
Was this helpful?
Last updated
Was this helpful?
The policy store holds a collection of customized policies for your workflows, allowing you to easily manage and update policies in a single location.
Open StepSecurity, then navigate to the Harden Runner section and click on Policy Store
Enter a policy name.
Configure the policy settings (e.g., allowed endpoints, telemetry settings).
Click Add Policy to save.
Remove any existing manual policy configurations.
Add the policy name under the Harden Runner step.
Ensure id-token: write
permission is explicitly set in your workflow file. This permission is required to authenticate with the StepSecurity backend API and fetch the policy.
Here’s an example:
Run a test workflow to ensure the policy is applied correctly.