idpool

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 27, 2024 License: Apache-2.0 Imports: 1 Imported by: 4

Documentation

Overview

Package idpool manages a pool of IDs for use by adapters.

Index

Constants

View Source 
const (
	SwDeploymentTools         = "swDeploymentTools"
	UnAuthorizedSaTokenAccess = "unAuthorizedSaTokenAccess"
	DNSManipulation           = "dnsManipulation"
	EscapeToHost              = "escapeToHost"
	DisallowChRoot            = "disallowChRoot"
	DisallowCapabilities      = "disallowCapabilities"
	ExploitPFA                = "preventExecutionFromTempOrLogsFolders"
	CocoWorkload              = "cocoWorkload"
	EnsureTLS                 = "ensureTLS"
	DenyENAccess              = "denyExternalNetworkAccess"
)

Variables

View Source 
var KaIDPolicies = map[string][]string{
	EscapeToHost: {
		DisallowChRoot,
		DisallowCapabilities,
		SwDeploymentTools,
	},
}

list of policies which satisfies the given ID by Kubearmor

View Source 
var KaIds = []string{
	SwDeploymentTools, UnAuthorizedSaTokenAccess, DNSManipulation, EscapeToHost, ExploitPFA,
}

KaIds are IDs supported by KubeArmor.

View Source 
var KyvIds = []string{
	EscapeToHost,
	CocoWorkload,
}

KyvIds are IDs supported by Kyverno.

View Source 
var NetPolIDs = []string{
	DNSManipulation,
	DenyENAccess,
}

NetPolIDs are IDs supported by Network Policy adapter.

Functions

func IsIdSupportedBy 

func IsIdSupportedBy(id, securityEngine string) bool

IsIdSupportedBy determines whether a given ID is supported by a security engine.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.