AvePoint Learn
Request an article
Contact support
Request an article
Contact support
English

Home > Baseline Management > Manage Policies > Drift Alignment Scope Policy

Download this article

Drift Alignment Scope Policy

A drift-alignment scope policy defines the monitor scope for drift detection by comparing tenant configurations against baseline standards. It also determines whether auto-alignment is enabled to revert configuration changes, and further specifies the auto-alignment scope when enabled. A drift-alignment scope policy takes effect only after the relevant baselines have been deployed to the tenant.

The Drift-alignment scope policy tab displays all available policies of this type. A built-in policy, named Default drift-alignment scope policy, is provided for immediate use. This default policy has the Monitor scope set to All supported configurations and Auto-alignment set to Disabled. To view the detailed information about a specific policy, click its name to open the policy details page.

Create a Policy

Refer to the following steps to create a drift-alignment scope policy:

  1. Click Create above the policy table to open the Create drift-alignment scope policy page.

  2. In the Basic information step, complete the following information:

    • Policy name – Enter a name for this policy.

    • Description – Enter an optional description.

    • Tenant scope – Select the tenants where you want to apply this policy and click Apply. Tenant assignment can also be completed after you create the policy. For detailed instructions, refer to Apply a Policy to Tenant.

  3. Click Next.

  4. In the Monitor scope step, complete the following information:

    • Define the monitor scope for drift detection – Select an option:

      • Only the baseline configurations – Select this option to monitor a tenant by predefined baseline configurations. It will detect only changes to these baseline configurations, ignoring all tenant-specific configurations.

      • All supported configurations – Select this option for comprehensive tenant monitoring. It will identify any modifications made to all supported configurations. For the supported configurations, refer to Supported Baseline Configurations.

      • Specific configurations – After selecting this option, you need to manually choose the configurations that you want to monitor.

    • New group monitoring – Turn on or off the toggle to indicate if newly created groups should be identified as deviations during drift detection.

  5. Click Next.

  6. In the Auto-alignment scope step, turn on or off the toggle to indicate if you want to enable auto-alignment to automatically correct configuration updates.

    • When auto-alignment is enabled, you need to define the auto-alignment scope, either all monitored configurations you have defined above or the specific configurations that you select below.

      After a drift detection job detects configuration deviations between the tenant and baseline configurations, an auto-alignment job will automatically start immediately to correct configuration updates, ensuring alignment with the deployed baseline standards. After the auto-alignment job is complete, you can navigate to Process center to view the auto-alignment results.

    • Once disabled, configuration deviations identified during drift detection will no longer be automatically corrected to align with the deployed baseline standards.

  7. Click Next.

  8. In the Review step, you can verify information and edit information if needed. If no more updates are needed, click Create to create the policy.

Apply a Policy to Tenant

A tenant can be associated with only one drift-alignment scope policy. Applying a new policy of this type will override the existing one. The Tenant scope column in the policy table displays the tenants where a policy has been applied.

Refer to the following steps to apply a drift-alignment scope policy to tenants:

  1. Select the policy that you want to apply to tenants.

  2. Click Apply to tenant.

  3. Select the tenants where you want to apply this policy and click Apply.

  4. Click Apply.

Remove a Policy from Tenant

Each tenant must have one drift-alignment scope policy applied. If you remove a drift-alignment scope policy from a tenant, the default drift-alignment scope policy will be automatically applied. When a policy change occurs, all previous deviation results for the tenant will be cleared. You can manually start a drift detection job now or wait for the next scheduled drift detection job.

Refer to the following steps to remove a drift-alignment scope policy from a tenant:

  1. Select the policy that you want to remove from the tenant.

  2. Click Apply to tenant.

  3. Click the Remove button next to the tenant. Click Remove in the pop-up confirmation window.

  4. Click Apply.

Delete a Policy

To delete a policy that is no longer needed, select the policy and click Delete. Please note that policies currently assigned to any tenants cannot be deleted until they have been removed from all associated tenants.