An Enforcer Profile is a configuration that can be applied to multiple instances of
enforcerd using an Enforcer Profile Mapping Policy.
The tags of your instance of
enforcerd should match only one profile.
To avoid any confusion, it will refuse to start otherwise.
Default Enforcer Profile
Your account comes with a default Enforcer Profile and Enforcer Profile Mapping Policy. It matches all instances of enforcerd unless a more specific one is available.
In the majority of the cases, you should not need to create your own unless you need to use advanced features like:
- To secure selected system daemons
- To secure an entire host
- To enable advanced audit rules
- To ignore some Processing Units
- To change very advanced networking configuration
Custom Enforcer Profile
Create an Enforcer Profile
Create an Enforcer Profile Mapping