About scopes

In Kaspersky Container Security, a scope is a resource list of reasons why the solution is being used (e.g. specific cluster, multiple external registries, or specific namespaces).

Scopes are used for the following purposes:

• To differentiate access to resources, for example, in order to monitor the operation of clusters, registries, or namespaces.

  This access control is performed by assigning a scope when creating a scope or editing its settings.

• To distinguish the objects that policies and scans are applied to.

  These objects are differentiated by assigning a scope when creating security policies or editing their settings.

In Kaspersky Container Security, you can add your own scopes or assign the default global scope to users.

The global scope includes access to all solution resources. This scope is added by default during installation of Kaspersky Container Security.

You cannot change the settings of the global scope or delete it.

Only a user with the appropriate rights can access the global scope. To assign global scope to other users and roles, you need to have permission to manage the global scope.

If you assign the global scope to a policy, the policy will be applied to all resources and applied in all environments.