Policy Store
The policy store holds a collection of customized policies for your workflows, allowing you to easily manage and update policies in a single location.
Steps To Create and Use a Policy
Step 1: Navigate to the Policy Store
Open StepSecurity, then navigate to the Harden Runner section and click on Policy Store.

Step 2: Click "Create policy"

Step 3: Create a New Policy
Enter a policy name.
Configure the policy settings (e.g., allowed endpoints, telemetry settings).
Click Add Policy to save.

Step 4: Apply the Policy in Your Workflow
Remove any existing manual policy configurations.
Add the policy name under the Harden Runner step.
Ensure the id-token: write permission is explicitly set in your workflow file. This permission is required to authenticate with the StepSecurity backend API and fetch the policy.
Here’s an example:
name: CI
on:
  pull_request:
permissions:
  contents: read
  id-token: write
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0
        with:
          policy: Test-policy
Step 5: Verify the Integration
Run a test workflow to ensure the policy is applied correctly.