Audit vs. Enforce - Policy Mode
In this section you will:
As you saw just before, we configured one of our directives in "Audit mode". You may have guessed what it means.
Rudder has two available policy modes:
- Enforce: it will modify the target system, if necessary, to achieve the expected state
- Audit: it will only report about non-compliant components
This is why you can see orange in the compliance bars: orange marks techniques that are non-compliant in audit mode.
In our example, as the user demo does not exist on a newly installed system, the node is not compliant with the desired state.
Let’s change the policy mode of the directive by updating it:
- click on Directives in the menu
- find Demo user by scrolling down the left part or by using the Filter
- select the directive
- change policy mode to Global mode (enforce)
- save the modification
- re-run the agent from the node terminal using:
  $ rudder agent run
Go back to the demo user directive. You can use the Directive page or the quick search field in the header bar. There you can search for any Rudder item (there is even a small query language!).

You will see the actual modification happening, with a "repaired" state, and the demo user now exists on the system. If you go back to the dashboard, everything is green and compliance has reached 100%.
Audit and Enforce modes fit many use cases. As a rule, we recommend using Audit mode first and switching to Enforce mode to remediate once you are sure the policy won’t break anything important.
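The difference between the two modes, and the "repaired" state seen above, sketched as a small shell function. This is an added illustration, not Rudder's own code: it works on a scratch passwd-format file (`PASSWD_FILE`) instead of the real account database, and `apply_policy`, `create_user` and the `error` outcome are names assumed for the sketch.

```shell
#!/bin/sh
# Added example: audit vs. enforce for a "user must exist" policy.
# Works on a scratch passwd-format file (PASSWD_FILE, an assumption of this
# sketch), so it needs no root and touches no real account.

PASSWD_FILE="${PASSWD_FILE:-./passwd.sample}"

# True if an entry for user $1 is present in PASSWD_FILE.
user_exists() {
    [ -f "$PASSWD_FILE" ] &&
        awk -F: -v u="$1" '$1 == u { f = 1 } END { exit !f }' "$PASSWD_FILE"
}

# Stand-in for account creation: append a constructed passwd entry.
create_user() {
    printf '%s:x:2000:2000::/home/%s:/bin/sh\n' "$1" "$1" >> "$PASSWD_FILE"
}

# apply_policy MODE USER
# Prints one of: compliant | non-compliant | repaired | error
apply_policy() {
    mode=$1
    user=$2
    if user_exists "$user"; then
        echo compliant            # desired state already met: no change in either mode
        return 0
    fi
    case $mode in
        audit)
            echo non-compliant    # report only, never modify the system
            return 1 ;;
        enforce)
            # Change the system, then re-check before claiming success.
            if create_user "$user" && user_exists "$user"; then
                echo repaired
                return 0
            fi
            echo error
            return 2 ;;
        *)
            echo "unknown mode: $mode" >&2
            return 64 ;;
    esac
}
```

After sourcing the file, `apply_policy audit demo` reports without writing anything, `apply_policy enforce demo` reports `repaired` once, and every later run in either mode reports `compliant`.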
We will now see how to manage other nodes, and more advanced configuration features.