Set allowlist per policy

What is a one sentence summary of your feature request?

Allowlist to be policy based, and not globally applied.

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

Currently, when an allowlist is set into a policy, that allowlist will apply to all of the active policies, no matter if the other policies have that allowlist activated or not. This approach makes no sense whatsoever, why are we allowed to create multiple allowlists and why are we allowed to add multiple allowlists to policies, if the allowlists apply gobally anyway and not based on the policies they were activated in?

The fix is to make the allowlist run based on the policy it was activated in, and not globally. This way we can have separate policies with separate allowlists for our edge/exemption cases.

How do you currently solve the challenges you have by not having this feature?

We do not have any way to solve the issue at the moment. The only way to get it resolved is to have the feature implemented. This is a big point of concern for us and it would make a massive difference on how flexibly the policies can be setup.

Hi Denis,

Welcome to the community portal.
Thank you for your request. I fully understand its significance, and I’m pleased to inform you that we already have plans to enhance this functionality, specifically by introducing policy-level granularity to Denylists/Allowlists. This improvement is a key component of our long-term strategic vision. However, I want to be transparent with you - this change involves a substantial redesign of our backend logic and requires significant development effort. As our current project queues are quite full, we won’t be able to initiate this work in the short to medium term. We appreciate your understanding and encourage you to stay tuned for future updates.

Best regards, Krzysiek