Network Policies Global Schema¶
Note
This is auto-generated documentation from a JSON schema that is under construction, this will improve over time.
Return to the root config schema
https://raw.githubusercontent.com/elastisys/compliantkubernetes-apps/main/config/schemas/config.yaml#/properties/networkPolicies/properties/global
Configure global network policy rules.
| Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
|---|---|---|---|---|---|---|---|
| Can be instantiated | No | Unknown status | No | Forbidden | Forbidden | none | config/schemas/config.yaml* |
TYPE:
object (Network Policies Global)
PROPERTIES:
| Property | Type | Required | Nullable | Defined by |
|---|---|---|---|---|
| externalLoadBalancer | boolean |
Required | cannot be null | Compliant Kubernetes Apps Config |
| ingressUsingHostNetwork | boolean |
Required | cannot be null | Compliant Kubernetes Apps Config |
| objectStorage | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| objectStorageSwift | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| scApiserver | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| scIngress | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| scNodes | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| wcApiserver | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| wcIngress | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| wcNodes | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| trivy | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
externalLoadBalancer¶
When enabled create Network Policy rules for ingress via external load balancer.
externalLoadBalancer
-
is required
-
Type:
boolean(Network Policies External Load Balancer) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
boolean (Network Policies External Load Balancer)
ingressUsingHostNetwork¶
When enabled create Network Policy rules for ingress via host network.
ingressUsingHostNetwork
-
is required
-
Type:
boolean(Network Policies Ingress Host Network) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
boolean (Network Policies Ingress Host Network)
objectStorage¶
Configure object storage network policy rules.
This configuration should match the object storage service configured under objectStorage.
Tip
Automatically populated by ./bin/ck8s update-ips <both|sc|wc>.
objectStorage
-
is optional
-
Type:
object(Network Policies ObjectStorage) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Network Policies ObjectStorage)
objectStorageSwift¶
Configure OpenStack Swift object storage network policy rules.
This configuration should match the object storage service configured under objectStorage.swift if used by any component.
Tip
Automatically populated by ./bin/ck8s update-ips <both|sc|wc>.
objectStorageSwift
-
is optional
-
Type:
object(Network Policies ObjectStorage Swift) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Network Policies ObjectStorage Swift)
scApiserver¶
Configure service cluster API server network policy rules.
Tip
Automatically populated by ./bin/ck8s update-ips <both|sc|wc>.
scApiserver
-
is optional
-
Type:
object(Network Policies SC API Server) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Network Policies SC API Server)
scIngress¶
Configure service cluster ingress network policy rules.
Tip
Automatically populated by ./bin/ck8s update-ips <both|sc|wc>.
scIngress
-
is optional
-
Type:
object(Network Policies SC Ingress) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Network Policies SC Ingress)
scNodes¶
Configure service cluster nodes network policy rules.
Tip
Automatically populated by ./bin/ck8s update-ips <both|sc|wc>.
scNodes
-
is optional
-
Type:
object(Network Policies SC Nodes) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Network Policies SC Nodes)
wcApiserver¶
Configure workload cluster API server network policy rules.
Tip
Automatically populated by ./bin/ck8s update-ips <both|sc|wc>.
wcApiserver
-
is optional
-
Type:
object(Network Policies WC API Server) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Network Policies WC API Server)
wcIngress¶
Configure workload cluster ingress network policy rules.
Tip
Automatically populated by ./bin/ck8s update-ips <both|sc|wc>.
wcIngress
-
is optional
-
Type:
object(Network Policies WC Ingress) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Network Policies WC Ingress)
wcNodes¶
Configure workload cluster nodes network policy rules.
Tip
Automatically populated by ./bin/ck8s update-ips <both|sc|wc>.
wcNodes
-
is optional
-
Type:
object(Network Policies WC Nodes) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Network Policies WC Nodes)
trivy¶
Configure Trivy network policy rules.
Used for Trivy to fetch vulnerability databases both in Harbor and Trivy Operator.
trivy
-
is optional
-
Type:
object(Network Policies Trivy) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Network Policies Trivy)
Return to the root config schema
Generated Sun Jun 23 03:48:25 UTC 2024 from elastisys/compliantkubernetes-apps@main