Skip to main content
Version: main

The Built-in Rules

vArmor supports defining VarmorPolicy or VarmorClusterPolicy objects using built-in rules in EnhanceProtect mode. The currently supported built-in rules and categories are shown in the following pages. You can also try using the policy advisor to generate a policy template with built-in rules.

Note:
- The built-in rules supported by different enforcers are still under development.
- There are some limitations in the rules and syntax supported by different enforcers. For example, the AppArmor enforcer does not support fine-grained network access control, and BPF does not support access control for specified executables.