Network Policies Config Schema¶
Note
This is auto-generated documentation from a JSON schema that is under construction, this will improve over time.
Return to the root config schema
https://raw.githubusercontent.com/elastisys/compliantkubernetes-apps/main/config/schemas/config.yaml#/properties/networkPolicies
Configure Network Policies.
Most common Network Policy rules can be updated by running ./bin/ck8s update-ips <both|sc|wc>
.
Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
---|---|---|---|---|---|---|---|
Can be instantiated | No | Unknown status | No | Forbidden | Forbidden | none | config/schemas/config.yaml* |
TYPE:
object
(Network Policies Config)
PROPERTIES:
Property | Type | Required | Nullable | Defined by |
---|---|---|---|---|
enabled | boolean |
Optional | cannot be null | Welkin Apps Config |
enableAlerting | boolean |
Optional | cannot be null | Welkin Apps Config |
global | object |
Optional | cannot be null | Welkin Apps Config |
ingressNginx | object |
Optional | cannot be null | Welkin Apps Config |
certManager | object |
Optional | cannot be null | Welkin Apps Config |
externalDns | object |
Optional | cannot be null | Welkin Apps Config |
dex | object |
Optional | cannot be null | Welkin Apps Config |
gatekeeper | object |
Optional | cannot be null | Welkin Apps Config |
harbor | object |
Optional | cannot be null | Welkin Apps Config |
fluentd | object |
Optional | cannot be null | Welkin Apps Config |
opensearch | object |
Optional | cannot be null | Welkin Apps Config |
monitoring | object |
Optional | cannot be null | Welkin Apps Config |
alertmanager | object |
Optional | cannot be null | Welkin Apps Config |
prometheus | object |
Optional | cannot be null | Welkin Apps Config |
s3Exporter | object |
Optional | cannot be null | Welkin Apps Config |
tektonPipelines | object |
Optional | cannot be null | Welkin Apps Config |
thanos | object |
Optional | cannot be null | Welkin Apps Config |
falco | object |
Optional | cannot be null | Welkin Apps Config |
kured | object |
Optional | cannot be null | Welkin Apps Config |
rclone | object |
Optional | cannot be null | Welkin Apps Config |
velero | object |
Optional | cannot be null | Welkin Apps Config |
kubeSystem | object |
Optional | cannot be null | Welkin Apps Config |
dnsAutoscaler | object |
Optional | cannot be null | Welkin Apps Config |
coredns | object |
Optional | cannot be null | Welkin Apps Config |
rookCeph | object |
Optional | cannot be null | Welkin Apps Config |
defaultDeny | boolean |
Optional | cannot be null | Welkin Apps Config |
allowedNameSpaces | array |
Optional | cannot be null | Welkin Apps Config |
additionalEgressPolicies | array |
Optional | cannot be null | Welkin Apps Config |
additionalIngressPolicies | array |
Optional | cannot be null | Welkin Apps Config |
additional | string |
Optional | cannot be null | Welkin Apps Config |
enabled¶
enabled
-
is optional
-
Type:
boolean
(Network Policies Enabled) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
boolean
(Network Policies Enabled)
DEFAULTS:
The default value is:
true
enableAlerting¶
enableAlerting
-
is optional
-
Type:
boolean
(Network Policies Alerting Enabled) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
boolean
(Network Policies Alerting Enabled)
DEFAULTS:
The default value is:
true
global¶
Configure global network policy rules.
global
-
is optional
-
Type:
object
(Network Policies Global) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Global)
ingressNginx¶
Configure Ingress NGINX network policy rules.
ingressNginx
-
is optional
-
Type:
object
(Network Policies Ingress NGINX) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Ingress NGINX)
certManager¶
Configure cert-manager network policy rules.
certManager
-
is optional
-
Type:
object
(Network Policies cert-manager) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies cert-manager)
externalDns¶
Configure ExternalDNS network policy rules.
externalDns
-
is optional
-
Type:
object
(Network Policies ExternalDNS) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies ExternalDNS)
dex¶
Configure Dex network policy rules.
dex
-
is optional
-
Type:
object
(Network Policies Dex) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Dex)
gatekeeper¶
Configure Gatekeeper network policy rules.
gatekeeper
-
is optional
-
Type:
object
(Network Policies Gatekeeper) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Gatekeeper)
harbor¶
Configure Harbor network policy rules.
harbor
-
is optional
-
Type:
object
(Network Policies Harbor) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Harbor)
fluentd¶
Configure Fluentd network policy rules.
fluentd
-
is optional
-
Type:
object
(Network Policies Fluentd) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Fluentd)
opensearch¶
Configure OpenSearch network policy rules.
opensearch
-
is optional
-
Type:
object
(Network Policies OpenSearch) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies OpenSearch)
monitoring¶
Configure monitoring network policy rules.
monitoring
-
is optional
-
Type:
object
(Network Policies Monitoring) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Monitoring)
alertmanager¶
Configure Alertmanager network policy rules.
alertmanager
-
is optional
-
Type:
object
(Network Policies Alertmanager) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Alertmanager)
prometheus¶
Configure Prometheus network policy rules.
prometheus
-
is optional
-
Type:
object
(Network Policies Prometheus) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Prometheus)
s3Exporter¶
Configure S3 exporter network policy rules.
s3Exporter
-
is optional
-
Type:
object
(Network Policies S3 Exporter) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies S3 Exporter)
tektonPipelines¶
Enable network policies for tekton and the pipeline.
tektonPipelines
-
is optional
-
Type:
object
(Network Policies Tekton Pipeline) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Tekton Pipeline)
thanos¶
Configure Thanos network policy rules.
thanos
-
is optional
-
Type:
object
(Network Policies Thanos) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Thanos)
falco¶
Configure Falco network policy rules.
falco
-
is optional
-
Type:
object
(Network Policies Falco) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Falco)
kured¶
Configure Kured network policy rules.
kured
-
is optional
-
Type:
object
(Network Policies Kured) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Kured)
rclone¶
Configure Rclone network policy rules.
rclone
-
is optional
-
Type:
object
(Network Policies Rclone) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Rclone)
velero¶
Configure Velero network policy rules.
velero
-
is optional
-
Type:
object
(Network Policies Velero) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Velero)
kubeSystem¶
Configure kube-system network policy rules.
kubeSystem
-
is optional
-
Type:
object
(Network Policies Kube System) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Kube System)
dnsAutoscaler¶
Configure DNS Autoscaler network policy rules.
dnsAutoscaler
-
is optional
-
Type:
object
(Network Policies DNS Autoscaler) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies DNS Autoscaler)
coredns¶
Configure CoreDNS network policy rules.
coredns
-
is optional
-
Type:
object
(Network Policies CoreDNS) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies CoreDNS)
rookCeph¶
Configure Rook Ceph network policy rules.
rookCeph
-
is optional
-
Type:
object
(Network Policies Rook Ceph) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Network Policies Rook Ceph)
defaultDeny¶
defaultDeny
-
is optional
-
Type:
boolean
-
cannot be null
-
defined in: Welkin Apps Config
TYPE:
boolean
allowedNameSpaces¶
allowedNameSpaces
-
is optional
-
Type:
array
(Network Policies Allowed Namespaces) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
array
(Network Policies Allowed Namespaces)
additionalEgressPolicies¶
additionalEgressPolicies
-
is optional
-
Type:
array
(Network Policies Egress Policies) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
array
(Network Policies Egress Policies)
additionalIngressPolicies¶
additionalIngressPolicies
-
is optional
-
Type:
array
(Network Policies Ingress Policies) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
array
(Network Policies Ingress Policies)
additional¶
Configure additional network policies.
additional
-
is optional
-
Type:
string
(Network Policies Additional Policies) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
string
(Network Policies Additional Policies)
CONSTRAINTS:
unknown format: the value of this string must follow the format: yaml
Return to the root config schema
Generated Thu Dec 19 03:51:01 UTC 2024 from elastisys/compliantkubernetes-apps@main