Skip to main content
Version: 3.18 (latest)

Policy recommendation scope

The policy recommendation scope is a collection of configuration options to control policy recommendation in Manager UI.

To apply changes to this resource, use the following format:

$ kubectl patch policyrecommendationscope default -p '{"spec":{"<parameter>":"<value>"}}'


$ kubectl patch policyrecommendationscope default -p '{"spec":{"interval":"5m"}}'



FieldDescriptionAccepted ValuesSchemaDefault
nameThe name of the policy recommendation scope.defaultstring


FieldDescriptionAccepted ValuesSchemaDefault
IntervalThe frequency to create and refine policy recommendations.2.5m (minutes)
InitialLookbackStart time to look at flow logs when first creating a policy recommendation.24h (hours)
StabilizationPeriodTime that a recommended policy should remain unchanged so it is stable and ready to be enforced.10m (minutes)


FieldDescriptionAccepted ValuesSchemaDefault
recStatusDefines the policy recommendation engine status.Enabled/DisabledDisabled
selectorSelects the namespaces for generating recommendations.!( starts with ''tigera-'') && !( starts with ''calico-'') && !( starts with ''kube-'')
intraNamespacePassThroughTrafficWhen true, sets all intra-namespace traffic to Passtrue/falsefalse