9f6e6f7fb3
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Policy Simulation / policy-simulate (push) Has been cancelled
SDK Publish & Sign / sdk-publish (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
devportal-offline / build-offline (push) Has been cancelled
Policy Examples
Sample stella-dsl@1 policies illustrating common deployment personas. Each example includes commentary, CLI usage hints, and a compliance checklist.
| Example | Description |
|---|---|
| Baseline | Balanced production defaults (block critical, respect strong VEX). |
| Serverless | Aggressive blocking for serverless workloads (no High+, pinned base images). |
| Internal Only | Lenient policy for internal/dev environments with KEV safeguards. |
Policy source files (*.stella) live alongside the documentation so you can copy/paste or use stella policy new --from file://....
Last updated: 2025-10-26.