Policy Evaluations
When a configured policy is not followed, the associated GitHub Actions workflow run will be blocked automatically. This helps enforce organization-wide security and compliance standards.
In such a case, you will see the following message within the workflow run:
To investigate blocked runs, go to the “Policy Evaluations” dashboard under Run Policies in the StepSecurity platform.
This dashboard provides:
A list of recent policy evaluation events across your organization.
Information about the repository, workflow file, and timestamp of each event.
The status of the run (e.g., Blocked).
A direct link to the workflow run for deeper inspection.
Click the arrow next to any listed evaluation to expand detailed information about:
The specific policy or policies that were violated (e.g., Do not allow GitHub-Hosted Runners).
The reason the run was blocked, based on the conditions defined in the policy (e.g., the job was configured to run on ubuntu-latest, which violates the organization’s policy against using GitHub-hosted runners).
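A local pre-check for the example violation above (a job whose `runs-on` names a GitHub-hosted runner such as ubuntu-latest) can find affected jobs before a run is blocked. This is an added example, not StepSecurity's evaluation logic: the function names and the label-prefix list are assumptions, and it reads `runs-on` line by line rather than parsing full YAML.

```python
import re
# Assumption: standard GitHub-hosted runner labels start with these prefixes.
HOSTED_PREFIXES = ("ubuntu-", "windows-", "macos-")
RUNS_ON = re.compile(r"^(\s*)runs-on:\s*(.*)$")
ITEM = re.compile(r"^(\s*)-\s+(.+)$")

def labels_for(value, following, indent):
    # One runs-on entry: scalar, flow list, or block list on following lines.
    value = value.split(" #")[0].strip()
    if value.startswith("["):
        items = value.strip("[]").split(",")
    elif value:
        items = [value]
    else:
        items = []
        for line in following:
            if not (m := ITEM.match(line)) or len(m.group(1)) < indent:
                break
            items.append(m.group(2).split(" #")[0])
    return [i.strip().strip("'\"") for i in items if i.strip()]

def classify(labels):
    if not labels or any("${{" in l for l in labels):
        return "review"  # expression or group mapping: cannot resolve here
    if "self-hosted" in labels:
        return "self-hosted"
    hosted = any(l.lower().startswith(HOSTED_PREFIXES) for l in labels)
    return "github-hosted" if hosted else "review"  # custom label: review

def scan(text):
    # (line_no, labels, verdict) for every runs-on key in the workflow text.
    lines, found = text.splitlines(), []
    for n, line in enumerate(lines, 1):
        if m := RUNS_ON.match(line):
            labels = labels_for(m.group(2), lines[n:], len(m.group(1)))
            found.append((n, labels, classify(labels)))
    return found
# Constructed sample workflow, not taken from the page.
SAMPLE = """jobs:
  build:
    runs-on: ubuntu-latest   # label from the page's example
  test:
    runs-on: [self-hosted, linux]
  lint:
    runs-on:
      - self-hosted
"""
if __name__ == "__main__":
    print(*scan(SAMPLE), sep="\n")
```

Entries marked "review" (expressions such as a matrix value, or custom labels only) need a manual look, since the runner type cannot be determined from the workflow text alone.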