About application scopes
March 27, 2024
ID 266001
In Kaspersky Container Security, a scope is a resource list of reasons why the solution is being used (e.g. specific cluster, multiple external registries, or specific namespaces).
Scopes are used for the following purposes:
- To differentiate access to resources, for example, in order to monitor the operation of clusters, registries, or namespaces.
This access control is performed by assigning a scope when creating a scope or editing its settings.
- To distinguish the objects that policies and scans are applied to.
These objects are differentiated by assigning a scope when creating security policies or editing their settings.
In Kaspersky Container Security, you can add your own application scopes or assign the default global application scope to users.
The global application scope includes access to all solution resources. This scope is added by default during installation of Kaspersky Container Security.
You cannot change the settings of the global application scope or delete it.
Only a user with the appropriate rights can access the global application scope. To assign global application scope to other users and roles, you need to have permission to manage the global application scope.
If you assign the global application scope to a policy, the policy will be applied to all resources and applied in all environments.
