Value Statement

To allow users to leverage a different delivery mechanism for policy templates (e.g. ConfigurationPolicy, Gatekeeper constraint, etc.), the ACM console can leverage search to list all detected policy templates. This also gives a different view for existing users that is helpful.

ACM-12528 has more detail on the market value and general requirements.

See the following Figma mockup for design details, though the wording is expected to change after ACM-13285:
https://www.figma.com/design/vUl9NQhvdwwH2gEyhTpdYz/Sub-Policies?node-id=93-9395&t=28FJUupzo4TyvDhf-0

Note that the search results will not contain all the data needed until ACM-13279 is done. Gatekeeper will be excluded from this for now.

Additional features such as label filtering and column management will come in a future Jira.

Definition of Done for Engineering Story Owner (Checklist)

• Add a "Discovered policies" tab in "Governance"
• This page will have a table aggregated by name and kind for all supported policy template types (except Gatekeeper for now). It will have these columns
  • Name - clickable to a table to per cluster results
  • Engine
  • Kind
  • Response action (generic term for remediation action)
    • If multiple, it should be in the format of `inform / enforce` like the existing "Policies" table.
  • Source
    • This matches the same logic as the "Policies" table except that if it's deployed by a "Policy" kind, it should show a link to the parent policy.
  • Severity - pick the highest severity if this differs per cluster
  • Cluster violations
• The per cluster page that is reachable from the "Name" link will have a "Policy violations" card with a "Policy violations" chart. Below that will have a table with the following columns:
  • Cluster - a link to the existing policy template details page for that specific policy
  • Response action (generic term for remediation action)
  • Violations
  • Source
  • Severity
• Stretch Goal:
  • Verify the user has RBAC to access the root policy before making Source clickable toa  policy.

Development Complete

• The code is complete.
• Functionality is working.
• Any required downstream Docker file changes are made.

Tests Automated

• [ ] Unit/function tests have been automated and incorporated into the
  build.
• [ ] 100% automated unit/function test coverage for new or changed APIs.

Secure Design

• [ ] Security has been assessed and incorporated into your threat model.

Multidisciplinary Teams Readiness

• [ ] Create an informative documentation issue using the Customer

Portal Doc template that you can access from [The Playbook](

https://docs.google.com/document/d/1YTqpZRH54Bnn4WJ2nZmjaCoiRtqmrc2w6DdQxe_yLZ8/edit#heading=h.9fvyr2rdriby),

and ensure doc acceptance criteria is met.

• Call out this sentence as it's own action:

• [ ] Link the development issue to the doc issue.

Support Readiness

• [ ] The must-gather script has been updated.