Documentation ¶
Index ¶
Constants ¶
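// Audit result identifiers for default-deny NetworkPolicy checks. Each value
// is the same string as its constant name.
//
// Background for triaging these findings (Kubernetes NetworkPolicy semantics,
// not something this block enforces): policies are additive. Pods stay open
// in a direction until some policy selects them for that direction, and an
// allow-all policy reopens traffic for the pods it selects even when a
// default-deny policy exists alongside it.
const (
	// MissingDefaultDenyIngressAndEgressNetworkPolicy occurs when there is no
	// default deny network policy for ingress and egress traffic.
	MissingDefaultDenyIngressAndEgressNetworkPolicy = "MissingDefaultDenyIngressAndEgressNetworkPolicy"

	// MissingDefaultDenyIngressNetworkPolicy occurs when there is no default
	// deny network policy for ingress traffic.
	MissingDefaultDenyIngressNetworkPolicy = "MissingDefaultDenyIngressNetworkPolicy"

	// MissingDefaultDenyEgressNetworkPolicy occurs when there is no default
	// deny network policy for egress traffic.
	MissingDefaultDenyEgressNetworkPolicy = "MissingDefaultDenyEgressNetworkPolicy"

	// AllowAllIngressNetworkPolicyExists occurs when there is a network policy
	// which allows all ingress traffic.
	AllowAllIngressNetworkPolicyExists = "AllowAllIngressNetworkPolicyExists"

	// AllowAllEgressNetworkPolicyExists occurs when there is a network policy
	// which allows all egress traffic.
	AllowAllEgressNetworkPolicyExists = "AllowAllEgressNetworkPolicyExists"
)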
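const (
	// IngressOverrideLabel is the label name for the ingress override.
	// NOTE(review): presumably, when present on a resource, it tells the
	// auditor to accept a missing default-deny ingress policy; the lookup is
	// not visible here, confirm in Audit. An override silences a finding
	// rather than fixing it, so who may set this label deserves the same
	// review as the policies themselves.
	IngressOverrideLabel = "allow-non-default-deny-ingress-network-policy"

	// EgressOverrideLabel is the egress counterpart of IngressOverrideLabel;
	// the same review caveat applies.
	EgressOverrideLabel = "allow-non-default-deny-egress-network-policy"

	// Ingress and Egress name the two traffic directions. The spellings match
	// the values Kubernetes accepts in a NetworkPolicy's policyTypes list.
	Ingress = "Ingress"
	Egress  = "Egress"
)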
// AllNamespaces is the empty string.
// NOTE(review): presumably passed where a namespace is expected to mean
// "do not filter by namespace"; its use is not visible here, confirm against
// callers before relying on that reading.
const AllNamespaces = ""
// DefaultDenyNetworkPolicyName is the policy name "default-deny".
// NOTE(review): whether this name is used to recognise an existing policy or
// only to name a generated one is not visible here. A policy's name says
// nothing about what it blocks; the selector and rules in its spec decide that.
const DefaultDenyNetworkPolicyName = "default-deny"
// Name is the short identifier "netpols".
// NOTE(review): presumably the name under which this auditor is selected or
// reported; confirm where it is registered.
const Name = "netpols"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type DefaultDenyNetworkPolicies ¶
// DefaultDenyNetworkPolicies is the auditor type of this package. It has no
// fields, so a value carries no configuration or state of its own.
type DefaultDenyNetworkPolicies struct{}
DefaultDenyNetworkPolicies implements Auditable
func New ¶
// New returns a pointer to a DefaultDenyNetworkPolicies. It takes no
// arguments; the body is not shown on this page.
func New() *DefaultDenyNetworkPolicies
func (*DefaultDenyNetworkPolicies) Audit ¶
// Audit takes one resource plus a slice of resources and returns a slice of
// audit results and an error. The body is not shown on this page.
// NOTE(review): presumably `resource` is the object under audit and
// `resources` is the wider set searched for matching NetworkPolicies; confirm
// against the implementation.
//
// When reading the output: a result can only speak to the NetworkPolicy
// objects handed in. Kubernetes enforces NetworkPolicy only when the cluster's
// network plugin implements it, and nothing in this signature gives Audit a
// way to observe that, so an empty result is not evidence of enforcement.
func (a *DefaultDenyNetworkPolicies) Audit(resource k8s.Resource, resources []k8s.Resource) ([]*kubeaudit.AuditResult, error)
Audit checks that each namespace resource has a default deny NetworkPolicy for all ingress and egress traffic