Use Network Policies to control the traffic of a namespace #51

Open
Darkness4 opened this issue Jun 30, 2022 · 0 comments
Labels
kind/security Unsafe practices. S2 Moderate impact on the end user; the issue must be addressed when possible.

Comments

@Darkness4
Collaborator

Example:

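```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: test-network-policy
  namespace: default
spec:
  # The policy applies to pods labelled role=db in the "default" namespace.
  podSelector:
    matchLabels:
      role: db
  # Both directions are restricted for the selected pods.
  policyTypes:
    - Ingress
    - Egress
  ingress:
    # The entries under "from" are alternatives: matching any one is enough.
    - from:
        - ipBlock:
            cidr: 172.17.0.0/16
            except:
              - 172.17.1.0/24
        - namespaceSelector:
            matchLabels:
              project: myproject
        - podSelector:
            matchLabels:
              role: frontend
      # Only this port is opened to the sources above.
      ports:
        - protocol: TCP
          port: 6379
  egress:
    # Selected pods may only connect to this range on TCP 5978.
    - to:
        - ipBlock:
            cidr: 10.0.0.0/24
      ports:
        - protocol: TCP
          port: 5978
```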

Documentation on the issue: https://hub.armosec.io/docs/c-0054

Documentation for implementation: https://kubernetes.io/docs/concepts/services-networking/network-policies/
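
Added example, not part of the original issue or the project's code: a small Python model of how the ingress rule in the policy above is evaluated, showing that the three `from` entries are alternatives and that the bare `podSelector` entry only matches pods in the policy's own namespace. The sender descriptions and helper names are constructed for illustration, and it models only this one rule for the `role: db` pods, not a full NetworkPolicy engine.

```python
import ipaddress

# Ingress half of the policy posted in the issue, transcribed as Python data.
POLICY_NAMESPACE = "default"
INGRESS_FROM = [
    {"ipBlock": {"cidr": "172.17.0.0/16", "except": ["172.17.1.0/24"]}},
    {"namespaceSelector": {"matchLabels": {"project": "myproject"}}},
    {"podSelector": {"matchLabels": {"role": "frontend"}}},
]
INGRESS_PORTS = {("TCP", 6379)}

def labels_match(selector, labels):
    # matchLabels: every key/value pair in the selector must be present.
    return all(labels.get(k) == v for k, v in selector["matchLabels"].items())

def peer_matches(peer, src):
    # src is a hypothetical sender: {"ip": ...} for an address, or
    # {"namespace", "ns_labels", "pod_labels"} for a pod.
    if "ipBlock" in peer:
        if "ip" not in src:
            return False
        ip = ipaddress.ip_address(src["ip"])
        block = peer["ipBlock"]
        excluded = any(ip in ipaddress.ip_network(e) for e in block.get("except", []))
        return ip in ipaddress.ip_network(block["cidr"]) and not excluded
    if "pod_labels" not in src:
        return False
    if "namespaceSelector" in peer:
        ok = labels_match(peer["namespaceSelector"], src["ns_labels"])
    else:
        # A podSelector with no namespaceSelector only sees the policy's namespace.
        ok = src["namespace"] == POLICY_NAMESPACE
    if "podSelector" in peer:
        ok = ok and labels_match(peer["podSelector"], src["pod_labels"])
    return ok

def ingress_allowed(src, proto, port):
    # Entries under `from` are ORed; the result is ANDed with the rule's ports.
    return (proto, port) in INGRESS_PORTS and any(peer_matches(p, src) for p in INGRESS_FROM)

# Constructed senders, not taken from any real cluster.
SAMPLES = {
    "address in cidr": {"ip": "172.17.5.10"},
    "address in except range": {"ip": "172.17.1.7"},
    "frontend pod, default ns": {"namespace": "default", "ns_labels": {}, "pod_labels": {"role": "frontend"}},
    "frontend pod, other ns": {"namespace": "other", "ns_labels": {}, "pod_labels": {"role": "frontend"}},
    "any pod, project=myproject ns": {"namespace": "proj", "ns_labels": {"project": "myproject"}, "pod_labels": {"role": "batch"}},
}

if __name__ == "__main__":
    for name, src in SAMPLES.items():
        print(f"{name:32} TCP/6379 -> {'allow' if ingress_allowed(src, 'TCP', 6379) else 'deny'}")
```
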

@Darkness4 Darkness4 added S2 Moderate impact on the end user; the issue must be addressed when possible. kind/security Unsafe practices. labels Jun 30, 2022
@Darkness4 Darkness4 self-assigned this Jun 30, 2022