4504f88e8d
* 📄 compliance ready policies documentation * revert unwanted change * 🐛 typo * 📄 add a section to mention Compliance Ready Polcies. * 📄 remove `aliases` since they shouldn't be necessary * 📄 suggestion from Mitch * 📄 list existing policy docs 🔥 remove details about PULUMI_ACCESS_TOKEN * 🌿 add back azurenative policies docs 🐛 fix package names in the generated docs * 🐛 fix list style * 📄 suggested changes to improve documentation Co-authored-by: Christian Nunciato <c@nunciato.org> * Fix a lint --------- Co-authored-by: Christian Nunciato <c@nunciato.org>
5352 lines
147 KiB
Markdown
5352 lines
147 KiB
Markdown
---
|
|
title_tag: "Compliance Ready Policies (Kubernetes) | CrossGuard"
|
|
meta_desc: This page contains the list of Compliance Ready Policies for Kubernetes.
|
|
title: Compliance Ready Kubernetes Policies
|
|
h1: List of Compliance Ready Policies for Kubernetes
|
|
meta_image: /images/docs/meta-images/docs-meta.png
|
|
menu:
|
|
usingpulumi:
|
|
parent: crossguard-compliance-ready-policies
|
|
---
|
|
There's a total of 237 Compliance Ready Policies for the Kubernetes provider.
|
|
|
|
All those policies are available in the `@pulumi/kubernetes-compliance-policies` package.
|
|
|
|
Please refer to our [Documentation](../compliance-ready-policies/#manual-installation) for more details.
|
|
|
|
## admissionregistration
|
|
|
|
### v1alpha1
|
|
|
|
#### kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicy-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicy-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1alpha1.ValidatingAdmissionPolicy.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (admissionregistration.v1alpha1.ValidatingAdmissionPolicy).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicybinding-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicybinding-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1alpha1.ValidatingAdmissionPolicyBinding.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (admissionregistration.v1alpha1.ValidatingAdmissionPolicyBinding).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicybindinglist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicybindinglist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1alpha1.ValidatingAdmissionPolicyBindingList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (admissionregistration.v1alpha1.ValidatingAdmissionPolicyBindingList).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicybindingpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicybindingpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1alpha1.ValidatingAdmissionPolicyBindingPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (admissionregistration.v1alpha1.ValidatingAdmissionPolicyBindingPatch).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicylist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicylist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1alpha1.ValidatingAdmissionPolicyList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (admissionregistration.v1alpha1.ValidatingAdmissionPolicyList).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicypatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1alpha1-validatingadmissionpolicypatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1alpha1.ValidatingAdmissionPolicyPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (admissionregistration.v1alpha1.ValidatingAdmissionPolicyPatch).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-mutatingwebhookconfiguration-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-mutatingwebhookconfiguration-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.MutatingWebhookConfiguration.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.MutatingWebhookConfiguration).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-mutatingwebhookconfigurationlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-mutatingwebhookconfigurationlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.MutatingWebhookConfigurationList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.MutatingWebhookConfigurationList).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-mutatingwebhookconfigurationpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-mutatingwebhookconfigurationpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.MutatingWebhookConfigurationPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.MutatingWebhookConfigurationPatch).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-validatingadmissionpolicy-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-validatingadmissionpolicy-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.ValidatingAdmissionPolicy.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.ValidatingAdmissionPolicy).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-validatingadmissionpolicybinding-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-validatingadmissionpolicybinding-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.ValidatingAdmissionPolicyBinding.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.ValidatingAdmissionPolicyBinding).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-validatingadmissionpolicybindinglist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-validatingadmissionpolicybindinglist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.ValidatingAdmissionPolicyBindingList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.ValidatingAdmissionPolicyBindingList).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-validatingadmissionpolicybindingpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-validatingadmissionpolicybindingpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.ValidatingAdmissionPolicyBindingPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.ValidatingAdmissionPolicyBindingPatch).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-validatingadmissionpolicylist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-validatingadmissionpolicylist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.ValidatingAdmissionPolicyList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.ValidatingAdmissionPolicyList).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-validatingadmissionpolicypatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-validatingadmissionpolicypatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.ValidatingAdmissionPolicyPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.ValidatingAdmissionPolicyPatch).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-validatingwebhookconfiguration-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-validatingwebhookconfiguration-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.ValidatingWebhookConfiguration.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.ValidatingWebhookConfiguration).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-validatingwebhookconfigurationlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-validatingwebhookconfigurationlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.ValidatingWebhookConfigurationList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.ValidatingWebhookConfigurationList).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-admissionregistration-v1beta1-validatingwebhookconfigurationpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-admissionregistration-v1beta1-validatingwebhookconfigurationpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.admissionregistration.v1beta1.ValidatingWebhookConfigurationPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (admissionregistration.v1beta1.ValidatingWebhookConfigurationPatch).
|
|
|
|
Service: Admissionregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## apiextensions
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-apiextensions-v1beta1-customresourcedefinition-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apiextensions-v1beta1-customresourcedefinition-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apiextensions.v1beta1.CustomResourceDefinition.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apiextensions.v1beta1.CustomResourceDefinition).
|
|
|
|
Service: Apiextensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apiextensions-v1beta1-customresourcedefinitionlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apiextensions-v1beta1-customresourcedefinitionlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apiextensions.v1beta1.CustomResourceDefinitionList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apiextensions.v1beta1.CustomResourceDefinitionList).
|
|
|
|
Service: Apiextensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apiextensions-v1beta1-customresourcedefinitionpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apiextensions-v1beta1-customresourcedefinitionpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apiextensions.v1beta1.CustomResourceDefinitionPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apiextensions.v1beta1.CustomResourceDefinitionPatch).
|
|
|
|
Service: Apiextensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## apiregistration
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-apiregistration-v1beta1-apiservice-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apiregistration-v1beta1-apiservice-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apiregistration.v1beta1.APIService.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apiregistration.v1beta1.APIService).
|
|
|
|
Service: Apiregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apiregistration-v1beta1-apiservicelist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apiregistration-v1beta1-apiservicelist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apiregistration.v1beta1.APIServiceList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apiregistration.v1beta1.APIServiceList).
|
|
|
|
Service: Apiregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apiregistration-v1beta1-apiservicepatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apiregistration-v1beta1-apiservicepatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apiregistration.v1beta1.APIServicePatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apiregistration.v1beta1.APIServicePatch).
|
|
|
|
Service: Apiregistration
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## apps
|
|
|
|
### v1
|
|
|
|
#### kubernetes-apps-v1-daemonset-configure-recommended-labels
|
|
|
|
Policy name: `kubernetes-apps-v1-daemonset-configure-recommended-labels`
|
|
|
|
Code path: `kubernetes.apps.v1.DaemonSet.configureRecommendedLabels`
|
|
|
|
Checks that Kubernetes DaemonSets have the recommended labels.
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #B7E4C7;'>low</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: usability
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/>
|
|
|
|
#### kubernetes-apps-v1-daemonset-enable-read-only-root-filesystem
|
|
|
|
Policy name: `kubernetes-apps-v1-daemonset-enable-read-only-root-filesystem`
|
|
|
|
Code path: `kubernetes.apps.v1.DaemonSet.enableReadOnlyRootFilesystem`
|
|
|
|
Checks that Kubernetes DaemonSets run pods with a read-only filesystem.
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F4D8A5;'>high</span>
|
|
|
|
Frameworks: iso27001, pcidss
|
|
|
|
Topics: runtime, security
|
|
|
|
Link: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/>
|
|
|
|
#### kubernetes-apps-v1-deployment-configure-minimum-replica-count
|
|
|
|
Policy name: `kubernetes-apps-v1-deployment-configure-minimum-replica-count`
|
|
|
|
Code path: `kubernetes.apps.v1.Deployment.configureMinimumReplicaCount`
|
|
|
|
Checks that Kubernetes Deployments have at least three replicas.
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F4D8A5;'>high</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: availability
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/workloads/controllers/deployment/>
|
|
|
|
#### kubernetes-apps-v1-deployment-configure-recommended-labels
|
|
|
|
Policy name: `kubernetes-apps-v1-deployment-configure-recommended-labels`
|
|
|
|
Code path: `kubernetes.apps.v1.Deployment.configureRecommendedLabels`
|
|
|
|
Checks that Kubernetes Deployments have the recommended labels.
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #B7E4C7;'>low</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: usability
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/>
|
|
|
|
#### kubernetes-apps-v1-deployment-enable-read-only-root-filesystem
|
|
|
|
Policy name: `kubernetes-apps-v1-deployment-enable-read-only-root-filesystem`
|
|
|
|
Code path: `kubernetes.apps.v1.Deployment.enableReadOnlyRootFilesystem`
|
|
|
|
Checks that Kubernetes Deployments run pods with a read-only filesystem.
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F4D8A5;'>high</span>
|
|
|
|
Frameworks: iso27001, pcidss
|
|
|
|
Topics: runtime, security
|
|
|
|
Link: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/>
|
|
|
|
#### kubernetes-apps-v1-replicaset-configure-minimum-replica-count
|
|
|
|
Policy name: `kubernetes-apps-v1-replicaset-configure-minimum-replica-count`
|
|
|
|
Code path: `kubernetes.apps.v1.ReplicaSet.configureMinimumReplicaCount`
|
|
|
|
Checks that Kubernetes ReplicaSets have at least three replicas.
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F4D8A5;'>high</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: availability
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/>
|
|
|
|
#### kubernetes-apps-v1-replicaset-configure-recommended-labels
|
|
|
|
Policy name: `kubernetes-apps-v1-replicaset-configure-recommended-labels`
|
|
|
|
Code path: `kubernetes.apps.v1.ReplicaSet.configureRecommendedLabels`
|
|
|
|
Checks that Kubernetes ReplicaSets use the recommended labels.
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #B7E4C7;'>low</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: usability
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/>
|
|
|
|
#### kubernetes-apps-v1-replicaset-enable-read-only-root-filesystem
|
|
|
|
Policy name: `kubernetes-apps-v1-replicaset-enable-read-only-root-filesystem`
|
|
|
|
Code path: `kubernetes.apps.v1.ReplicaSet.enableReadOnlyRootFilesystem`
|
|
|
|
Checks that Kubernetes ReplicaSets run pods with a read-only filesystem.
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F4D8A5;'>high</span>
|
|
|
|
Frameworks: iso27001, pcidss
|
|
|
|
Topics: runtime, security
|
|
|
|
Link: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/>
|
|
|
|
#### kubernetes-apps-v1-statefulset-configure-recommended-labels
|
|
|
|
Policy name: `kubernetes-apps-v1-statefulset-configure-recommended-labels`
|
|
|
|
Code path: `kubernetes.apps.v1.StatefulSet.configureRecommendedLabels`
|
|
|
|
Checks that Kubernetes StatefulSets have the recommended labels.
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #B7E4C7;'>low</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: usability
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/>
|
|
|
|
#### kubernetes-apps-v1-statefulset-enable-read-only-root-filesystem
|
|
|
|
Policy name: `kubernetes-apps-v1-statefulset-enable-read-only-root-filesystem`
|
|
|
|
Code path: `kubernetes.apps.v1.StatefulSet.enableReadOnlyRootFilesystem`
|
|
|
|
Checks that Kubernetes StatefulSets run pods with a read-only filesystem.
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F4D8A5;'>high</span>
|
|
|
|
Frameworks: iso27001, pcidss
|
|
|
|
Topics: runtime, security
|
|
|
|
Link: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/>
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-apps-v1beta1-controllerrevision-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta1-controllerrevision-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta1.ControllerRevision.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta1.ControllerRevision).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta1-controllerrevisionlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta1-controllerrevisionlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta1.ControllerRevisionList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta1.ControllerRevisionList).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta1-controllerrevisionpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta1-controllerrevisionpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta1.ControllerRevisionPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta1.ControllerRevisionPatch).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta1-deployment-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta1-deployment-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta1.Deployment.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta1.Deployment).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta1-deploymentlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta1-deploymentlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta1.DeploymentList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta1.DeploymentList).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta1-deploymentpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta1-deploymentpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta1.DeploymentPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta1.DeploymentPatch).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta1-statefulset-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta1-statefulset-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta1.StatefulSet.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta1.StatefulSet).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta1-statefulsetlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta1-statefulsetlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta1.StatefulSetList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta1.StatefulSetList).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta1-statefulsetpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta1-statefulsetpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta1.StatefulSetPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta1.StatefulSetPatch).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1beta2
|
|
|
|
#### kubernetes-apps-v1beta2-controllerrevision-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-controllerrevision-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.ControllerRevision.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.ControllerRevision).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-controllerrevisionlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-controllerrevisionlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.ControllerRevisionList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.ControllerRevisionList).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-controllerrevisionpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-controllerrevisionpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.ControllerRevisionPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.ControllerRevisionPatch).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-daemonset-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-daemonset-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.DaemonSet.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.DaemonSet).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-daemonsetlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-daemonsetlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.DaemonSetList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.DaemonSetList).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-daemonsetpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-daemonsetpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.DaemonSetPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.DaemonSetPatch).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-deployment-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-deployment-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.Deployment.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.Deployment).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-deploymentlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-deploymentlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.DeploymentList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.DeploymentList).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-deploymentpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-deploymentpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.DeploymentPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.DeploymentPatch).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-replicaset-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-replicaset-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.ReplicaSet.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.ReplicaSet).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-replicasetlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-replicasetlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.ReplicaSetList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.ReplicaSetList).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-replicasetpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-replicasetpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.ReplicaSetPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.ReplicaSetPatch).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-statefulset-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-statefulset-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.StatefulSet.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.StatefulSet).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-statefulsetlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-statefulsetlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.StatefulSetList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.StatefulSetList).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-apps-v1beta2-statefulsetpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-apps-v1beta2-statefulsetpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.apps.v1beta2.StatefulSetPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (apps.v1beta2.StatefulSetPatch).
|
|
|
|
Service: Apps
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## auditregistration
|
|
|
|
### v1alpha1
|
|
|
|
#### kubernetes-auditregistration-v1alpha1-auditsink-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-auditregistration-v1alpha1-auditsink-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.auditregistration.v1alpha1.AuditSink.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (auditregistration.v1alpha1.AuditSink).
|
|
|
|
Service: Auditregistration
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-auditregistration-v1alpha1-auditsinklist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-auditregistration-v1alpha1-auditsinklist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.auditregistration.v1alpha1.AuditSinkList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (auditregistration.v1alpha1.AuditSinkList).
|
|
|
|
Service: Auditregistration
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-auditregistration-v1alpha1-auditsinkpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-auditregistration-v1alpha1-auditsinkpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.auditregistration.v1alpha1.AuditSinkPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (auditregistration.v1alpha1.AuditSinkPatch).
|
|
|
|
Service: Auditregistration
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## autoscaling
|
|
|
|
### v2beta1
|
|
|
|
#### kubernetes-autoscaling-v2beta1-horizontalpodautoscaler-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-autoscaling-v2beta1-horizontalpodautoscaler-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.autoscaling.v2beta1.HorizontalPodAutoscaler.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (autoscaling.v2beta1.HorizontalPodAutoscaler).
|
|
|
|
Service: Autoscaling
|
|
|
|
Resource: v2beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-autoscaling-v2beta1-horizontalpodautoscalerlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-autoscaling-v2beta1-horizontalpodautoscalerlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.autoscaling.v2beta1.HorizontalPodAutoscalerList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (autoscaling.v2beta1.HorizontalPodAutoscalerList).
|
|
|
|
Service: Autoscaling
|
|
|
|
Resource: v2beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-autoscaling-v2beta1-horizontalpodautoscalerpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-autoscaling-v2beta1-horizontalpodautoscalerpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.autoscaling.v2beta1.HorizontalPodAutoscalerPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (autoscaling.v2beta1.HorizontalPodAutoscalerPatch).
|
|
|
|
Service: Autoscaling
|
|
|
|
Resource: v2beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v2beta2
|
|
|
|
#### kubernetes-autoscaling-v2beta2-horizontalpodautoscaler-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-autoscaling-v2beta2-horizontalpodautoscaler-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.autoscaling.v2beta2.HorizontalPodAutoscaler.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (autoscaling.v2beta2.HorizontalPodAutoscaler).
|
|
|
|
Service: Autoscaling
|
|
|
|
Resource: v2beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-autoscaling-v2beta2-horizontalpodautoscalerlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-autoscaling-v2beta2-horizontalpodautoscalerlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.autoscaling.v2beta2.HorizontalPodAutoscalerList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (autoscaling.v2beta2.HorizontalPodAutoscalerList).
|
|
|
|
Service: Autoscaling
|
|
|
|
Resource: v2beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-autoscaling-v2beta2-horizontalpodautoscalerpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-autoscaling-v2beta2-horizontalpodautoscalerpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.autoscaling.v2beta2.HorizontalPodAutoscalerPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (autoscaling.v2beta2.HorizontalPodAutoscalerPatch).
|
|
|
|
Service: Autoscaling
|
|
|
|
Resource: v2beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## batch
|
|
|
|
### v1
|
|
|
|
#### kubernetes-batch-v1-cronjob-configure-recommended-labels
|
|
|
|
Policy name: `kubernetes-batch-v1-cronjob-configure-recommended-labels`
|
|
|
|
Code path: `kubernetes.batch.v1.CronJob.configureRecommendedLabels`
|
|
|
|
Checks that Kubernetes CronJobs have the recommended labels.
|
|
|
|
Service: Batch
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #B7E4C7;'>low</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: usability
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/>
|
|
|
|
#### kubernetes-batch-v1-cronjob-enable-read-only-root-filesystem
|
|
|
|
Policy name: `kubernetes-batch-v1-cronjob-enable-read-only-root-filesystem`
|
|
|
|
Code path: `kubernetes.batch.v1.CronJob.enableReadOnlyRootFilesystem`
|
|
|
|
Checks that Kubernetes CronJobs run pods with a read-only filesystem.
|
|
|
|
Service: Batch
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F4D8A5;'>high</span>
|
|
|
|
Frameworks: iso27001, pcidss
|
|
|
|
Topics: runtime, security
|
|
|
|
Link: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/>
|
|
|
|
#### kubernetes-batch-v1-job-configure-recommended-labels
|
|
|
|
Policy name: `kubernetes-batch-v1-job-configure-recommended-labels`
|
|
|
|
Code path: `kubernetes.batch.v1.Job.configureRecommendedLabels`
|
|
|
|
Checks that Kubernetes Jobs have the recommended labels.
|
|
|
|
Service: Batch
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #B7E4C7;'>low</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: usability
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/>
|
|
|
|
#### kubernetes-batch-v1-job-enable-read-only-root-filesystem
|
|
|
|
Policy name: `kubernetes-batch-v1-job-enable-read-only-root-filesystem`
|
|
|
|
Code path: `kubernetes.batch.v1.Job.enableReadOnlyRootFilesystem`
|
|
|
|
Checks that Kubernetes Jobs run pods with a read-only filesystem.
|
|
|
|
Service: Batch
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F4D8A5;'>high</span>
|
|
|
|
Frameworks: iso27001, pcidss
|
|
|
|
Topics: runtime, security
|
|
|
|
Link: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/>
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-batch-v1beta1-cronjob-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-batch-v1beta1-cronjob-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.batch.v1beta1.CronJob.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (batch.v1beta1.CronJob).
|
|
|
|
Service: Batch
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-batch-v1beta1-cronjoblist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-batch-v1beta1-cronjoblist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.batch.v1beta1.CronJobList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (batch.v1beta1.CronJobList).
|
|
|
|
Service: Batch
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-batch-v1beta1-cronjobpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-batch-v1beta1-cronjobpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.batch.v1beta1.CronJobPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (batch.v1beta1.CronJobPatch).
|
|
|
|
Service: Batch
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v2alpha1
|
|
|
|
#### kubernetes-batch-v2alpha1-cronjob-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-batch-v2alpha1-cronjob-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.batch.v2alpha1.CronJob.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (batch.v2alpha1.CronJob).
|
|
|
|
Service: Batch
|
|
|
|
Resource: v2alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-batch-v2alpha1-cronjoblist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-batch-v2alpha1-cronjoblist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.batch.v2alpha1.CronJobList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (batch.v2alpha1.CronJobList).
|
|
|
|
Service: Batch
|
|
|
|
Resource: v2alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-batch-v2alpha1-cronjobpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-batch-v2alpha1-cronjobpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.batch.v2alpha1.CronJobPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (batch.v2alpha1.CronJobPatch).
|
|
|
|
Service: Batch
|
|
|
|
Resource: v2alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## certificates
|
|
|
|
### v1alpha1
|
|
|
|
#### kubernetes-certificates-v1alpha1-clustertrustbundle-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-certificates-v1alpha1-clustertrustbundle-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.certificates.v1alpha1.ClusterTrustBundle.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (certificates.v1alpha1.ClusterTrustBundle).
|
|
|
|
Service: Certificates
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-certificates-v1alpha1-clustertrustbundlelist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-certificates-v1alpha1-clustertrustbundlelist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.certificates.v1alpha1.ClusterTrustBundleList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (certificates.v1alpha1.ClusterTrustBundleList).
|
|
|
|
Service: Certificates
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-certificates-v1alpha1-clustertrustbundlepatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-certificates-v1alpha1-clustertrustbundlepatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.certificates.v1alpha1.ClusterTrustBundlePatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (certificates.v1alpha1.ClusterTrustBundlePatch).
|
|
|
|
Service: Certificates
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-certificates-v1beta1-certificatesigningrequest-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-certificates-v1beta1-certificatesigningrequest-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.certificates.v1beta1.CertificateSigningRequest.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (certificates.v1beta1.CertificateSigningRequest).
|
|
|
|
Service: Certificates
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-certificates-v1beta1-certificatesigningrequestlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-certificates-v1beta1-certificatesigningrequestlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.certificates.v1beta1.CertificateSigningRequestList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (certificates.v1beta1.CertificateSigningRequestList).
|
|
|
|
Service: Certificates
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-certificates-v1beta1-certificatesigningrequestpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-certificates-v1beta1-certificatesigningrequestpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.certificates.v1beta1.CertificateSigningRequestPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (certificates.v1beta1.CertificateSigningRequestPatch).
|
|
|
|
Service: Certificates
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## coordination
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-coordination-v1beta1-lease-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-coordination-v1beta1-lease-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.coordination.v1beta1.Lease.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (coordination.v1beta1.Lease).
|
|
|
|
Service: Coordination
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-coordination-v1beta1-leaselist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-coordination-v1beta1-leaselist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.coordination.v1beta1.LeaseList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (coordination.v1beta1.LeaseList).
|
|
|
|
Service: Coordination
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-coordination-v1beta1-leasepatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-coordination-v1beta1-leasepatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.coordination.v1beta1.LeasePatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (coordination.v1beta1.LeasePatch).
|
|
|
|
Service: Coordination
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## core
|
|
|
|
### v1
|
|
|
|
#### kubernetes-core-v1-pod-disallow-pod
|
|
|
|
Policy name: `kubernetes-core-v1-pod-disallow-pod`
|
|
|
|
Code path: `kubernetes.core.v1.Pod.disallowPod`
|
|
|
|
Checks that Kubernetes Pods are not used directly.
|
|
|
|
Service: Core
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #E4A5A5;'>critical</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: availability
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/workloads/controllers/deployment/>
|
|
|
|
#### kubernetes-core-v1-service-configure-recommended-labels
|
|
|
|
Policy name: `kubernetes-core-v1-service-configure-recommended-labels`
|
|
|
|
Code path: `kubernetes.core.v1.Service.configureRecommendedLabels`
|
|
|
|
Checks that Kubernetes Services use the recommended labels.
|
|
|
|
Service: Core
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #B7E4C7;'>low</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: usability
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/>
|
|
|
|
#### kubernetes-core-v1-service-disallow-load-balancer
|
|
|
|
Policy name: `kubernetes-core-v1-service-disallow-load-balancer`
|
|
|
|
Code path: `kubernetes.core.v1.Service.disallowLoadBalancer`
|
|
|
|
Checks that Kubernetes Services do not use a LoadBalancer as service type.
|
|
|
|
Service: Core
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #B7E4C7;'>low</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: cost, network
|
|
|
|
Link: <https://github.com/datreeio/datree/blob/main/examples/Cost_Reduction/README.md>
|
|
|
|
## discovery
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-discovery-v1beta1-endpointslice-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-discovery-v1beta1-endpointslice-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.discovery.v1beta1.EndpointSlice.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (discovery.v1beta1.EndpointSlice).
|
|
|
|
Service: Discovery
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-discovery-v1beta1-endpointslicelist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-discovery-v1beta1-endpointslicelist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.discovery.v1beta1.EndpointSliceList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (discovery.v1beta1.EndpointSliceList).
|
|
|
|
Service: Discovery
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-discovery-v1beta1-endpointslicepatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-discovery-v1beta1-endpointslicepatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.discovery.v1beta1.EndpointSlicePatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (discovery.v1beta1.EndpointSlicePatch).
|
|
|
|
Service: Discovery
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## events
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-events-v1beta1-event-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-events-v1beta1-event-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.events.v1beta1.Event.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (events.v1beta1.Event).
|
|
|
|
Service: Events
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-events-v1beta1-eventlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-events-v1beta1-eventlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.events.v1beta1.EventList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (events.v1beta1.EventList).
|
|
|
|
Service: Events
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-events-v1beta1-eventpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-events-v1beta1-eventpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.events.v1beta1.EventPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (events.v1beta1.EventPatch).
|
|
|
|
Service: Events
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## extensions
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-extensions-v1beta1-daemonset-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-daemonset-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.DaemonSet.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.DaemonSet).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-daemonsetlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-daemonsetlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.DaemonSetList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.DaemonSetList).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-daemonsetpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-daemonsetpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.DaemonSetPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.DaemonSetPatch).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-deployment-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-deployment-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.Deployment.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.Deployment).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-deploymentlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-deploymentlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.DeploymentList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.DeploymentList).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-deploymentpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-deploymentpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.DeploymentPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.DeploymentPatch).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-ingress-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-ingress-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.Ingress.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.Ingress).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-ingresslist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-ingresslist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.IngressList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.IngressList).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-ingresspatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-ingresspatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.IngressPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.IngressPatch).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-networkpolicy-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-networkpolicy-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.NetworkPolicy.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.NetworkPolicy).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-networkpolicylist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-networkpolicylist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.NetworkPolicyList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.NetworkPolicyList).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-networkpolicypatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-networkpolicypatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.NetworkPolicyPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.NetworkPolicyPatch).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-podsecuritypolicy-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-podsecuritypolicy-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.PodSecurityPolicy.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.PodSecurityPolicy).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-podsecuritypolicylist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-podsecuritypolicylist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.PodSecurityPolicyList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.PodSecurityPolicyList).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-podsecuritypolicypatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-podsecuritypolicypatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.PodSecurityPolicyPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.PodSecurityPolicyPatch).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-replicaset-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-replicaset-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.ReplicaSet.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.ReplicaSet).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-replicasetlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-replicasetlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.ReplicaSetList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.ReplicaSetList).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-extensions-v1beta1-replicasetpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-extensions-v1beta1-replicasetpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.extensions.v1beta1.ReplicaSetPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (extensions.v1beta1.ReplicaSetPatch).
|
|
|
|
Service: Extensions
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## flowcontrol
|
|
|
|
### v1alpha1
|
|
|
|
#### kubernetes-flowcontrol-v1alpha1-flowschema-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1alpha1-flowschema-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1alpha1.FlowSchema.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (flowcontrol.v1alpha1.FlowSchema).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1alpha1-flowschemalist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1alpha1-flowschemalist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1alpha1.FlowSchemaList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (flowcontrol.v1alpha1.FlowSchemaList).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1alpha1-flowschemapatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1alpha1-flowschemapatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1alpha1.FlowSchemaPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (flowcontrol.v1alpha1.FlowSchemaPatch).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1alpha1-prioritylevelconfiguration-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1alpha1-prioritylevelconfiguration-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1alpha1.PriorityLevelConfiguration.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (flowcontrol.v1alpha1.PriorityLevelConfiguration).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1alpha1-prioritylevelconfigurationlist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1alpha1-prioritylevelconfigurationlist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1alpha1.PriorityLevelConfigurationList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (flowcontrol.v1alpha1.PriorityLevelConfigurationList).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1alpha1-prioritylevelconfigurationpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1alpha1-prioritylevelconfigurationpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1alpha1.PriorityLevelConfigurationPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (flowcontrol.v1alpha1.PriorityLevelConfigurationPatch).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-flowcontrol-v1beta1-flowschema-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta1-flowschema-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta1.FlowSchema.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta1.FlowSchema).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta1-flowschemalist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta1-flowschemalist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta1.FlowSchemaList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta1.FlowSchemaList).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta1-flowschemapatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta1-flowschemapatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta1.FlowSchemaPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta1.FlowSchemaPatch).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta1-prioritylevelconfiguration-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta1-prioritylevelconfiguration-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta1.PriorityLevelConfiguration.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta1.PriorityLevelConfiguration).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta1-prioritylevelconfigurationlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta1-prioritylevelconfigurationlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta1.PriorityLevelConfigurationList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta1.PriorityLevelConfigurationList).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta1-prioritylevelconfigurationpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta1-prioritylevelconfigurationpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta1.PriorityLevelConfigurationPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta1.PriorityLevelConfigurationPatch).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1beta2
|
|
|
|
#### kubernetes-flowcontrol-v1beta2-flowschema-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta2-flowschema-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta2.FlowSchema.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta2.FlowSchema).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta2-flowschemalist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta2-flowschemalist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta2.FlowSchemaList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta2.FlowSchemaList).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta2-flowschemapatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta2-flowschemapatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta2.FlowSchemaPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta2.FlowSchemaPatch).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta2-prioritylevelconfiguration-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta2-prioritylevelconfiguration-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta2.PriorityLevelConfiguration.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta2.PriorityLevelConfiguration).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta2-prioritylevelconfigurationlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta2-prioritylevelconfigurationlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta2.PriorityLevelConfigurationList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta2.PriorityLevelConfigurationList).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta2-prioritylevelconfigurationpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta2-prioritylevelconfigurationpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta2.PriorityLevelConfigurationPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta2.PriorityLevelConfigurationPatch).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1beta3
|
|
|
|
#### kubernetes-flowcontrol-v1beta3-flowschema-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta3-flowschema-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta3.FlowSchema.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta3.FlowSchema).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta3
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta3-flowschemalist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta3-flowschemalist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta3.FlowSchemaList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta3.FlowSchemaList).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta3
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta3-flowschemapatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta3-flowschemapatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta3.FlowSchemaPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta3.FlowSchemaPatch).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta3
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta3-prioritylevelconfiguration-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta3-prioritylevelconfiguration-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta3.PriorityLevelConfiguration.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta3.PriorityLevelConfiguration).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta3
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta3-prioritylevelconfigurationlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta3-prioritylevelconfigurationlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta3.PriorityLevelConfigurationList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta3.PriorityLevelConfigurationList).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta3
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-flowcontrol-v1beta3-prioritylevelconfigurationpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-flowcontrol-v1beta3-prioritylevelconfigurationpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.flowcontrol.v1beta3.PriorityLevelConfigurationPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (flowcontrol.v1beta3.PriorityLevelConfigurationPatch).
|
|
|
|
Service: Flowcontrol
|
|
|
|
Resource: v1beta3
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## networking
|
|
|
|
### v1alpha1
|
|
|
|
#### kubernetes-networking-v1alpha1-clustercidr-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-networking-v1alpha1-clustercidr-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.networking.v1alpha1.ClusterCIDR.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (networking.v1alpha1.ClusterCIDR).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-networking-v1alpha1-clustercidrlist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-networking-v1alpha1-clustercidrlist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.networking.v1alpha1.ClusterCIDRList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (networking.v1alpha1.ClusterCIDRList).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-networking-v1alpha1-clustercidrpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-networking-v1alpha1-clustercidrpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.networking.v1alpha1.ClusterCIDRPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (networking.v1alpha1.ClusterCIDRPatch).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-networking-v1alpha1-ipaddress-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-networking-v1alpha1-ipaddress-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.networking.v1alpha1.IPAddress.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (networking.v1alpha1.IPAddress).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-networking-v1alpha1-ipaddresslist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-networking-v1alpha1-ipaddresslist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.networking.v1alpha1.IPAddressList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (networking.v1alpha1.IPAddressList).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-networking-v1alpha1-ipaddresspatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-networking-v1alpha1-ipaddresspatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.networking.v1alpha1.IPAddressPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (networking.v1alpha1.IPAddressPatch).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-networking-v1beta1-ingress-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-networking-v1beta1-ingress-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.networking.v1beta1.Ingress.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (networking.v1beta1.Ingress).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-networking-v1beta1-ingressclass-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-networking-v1beta1-ingressclass-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.networking.v1beta1.IngressClass.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (networking.v1beta1.IngressClass).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-networking-v1beta1-ingressclasslist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-networking-v1beta1-ingressclasslist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.networking.v1beta1.IngressClassList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (networking.v1beta1.IngressClassList).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-networking-v1beta1-ingressclasspatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-networking-v1beta1-ingressclasspatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.networking.v1beta1.IngressClassPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (networking.v1beta1.IngressClassPatch).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-networking-v1beta1-ingresslist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-networking-v1beta1-ingresslist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.networking.v1beta1.IngressList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (networking.v1beta1.IngressList).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-networking-v1beta1-ingresspatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-networking-v1beta1-ingresspatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.networking.v1beta1.IngressPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (networking.v1beta1.IngressPatch).
|
|
|
|
Service: Networking
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## node
|
|
|
|
### v1alpha1
|
|
|
|
#### kubernetes-node-v1alpha1-runtimeclass-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-node-v1alpha1-runtimeclass-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.node.v1alpha1.RuntimeClass.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (node.v1alpha1.RuntimeClass).
|
|
|
|
Service: Node
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-node-v1alpha1-runtimeclasslist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-node-v1alpha1-runtimeclasslist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.node.v1alpha1.RuntimeClassList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (node.v1alpha1.RuntimeClassList).
|
|
|
|
Service: Node
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-node-v1alpha1-runtimeclasspatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-node-v1alpha1-runtimeclasspatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.node.v1alpha1.RuntimeClassPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (node.v1alpha1.RuntimeClassPatch).
|
|
|
|
Service: Node
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-node-v1beta1-runtimeclass-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-node-v1beta1-runtimeclass-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.node.v1beta1.RuntimeClass.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (node.v1beta1.RuntimeClass).
|
|
|
|
Service: Node
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-node-v1beta1-runtimeclasslist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-node-v1beta1-runtimeclasslist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.node.v1beta1.RuntimeClassList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (node.v1beta1.RuntimeClassList).
|
|
|
|
Service: Node
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-node-v1beta1-runtimeclasspatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-node-v1beta1-runtimeclasspatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.node.v1beta1.RuntimeClassPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (node.v1beta1.RuntimeClassPatch).
|
|
|
|
Service: Node
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## policy
|
|
|
|
### v1
|
|
|
|
#### kubernetes-policy-v1-poddisruptionbudget-disallow-zero-voluntary-disruption
|
|
|
|
Policy name: `kubernetes-policy-v1-poddisruptionbudget-disallow-zero-voluntary-disruption`
|
|
|
|
Code path: `kubernetes.policy.v1.PodDisruptionBudget.disallowZeroVoluntaryDisruption`
|
|
|
|
Checks that Kubernetes PodDisruptionBudgets have a voluntary disruption.
|
|
|
|
Service: Policy
|
|
|
|
Resource: v1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F4D8A5;'>high</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: availability
|
|
|
|
Link: <https://kubernetes.io/docs/tasks/run-application/configure-pdb/>
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-policy-v1beta1-poddisruptionbudget-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-policy-v1beta1-poddisruptionbudget-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.policy.v1beta1.PodDisruptionBudget.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (policy.v1beta1.PodDisruptionBudget).
|
|
|
|
Service: Policy
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-policy-v1beta1-poddisruptionbudgetlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-policy-v1beta1-poddisruptionbudgetlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.policy.v1beta1.PodDisruptionBudgetList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (policy.v1beta1.PodDisruptionBudgetList).
|
|
|
|
Service: Policy
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-policy-v1beta1-poddisruptionbudgetpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-policy-v1beta1-poddisruptionbudgetpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.policy.v1beta1.PodDisruptionBudgetPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (policy.v1beta1.PodDisruptionBudgetPatch).
|
|
|
|
Service: Policy
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-policy-v1beta1-podsecuritypolicy-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-policy-v1beta1-podsecuritypolicy-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.policy.v1beta1.PodSecurityPolicy.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (policy.v1beta1.PodSecurityPolicy).
|
|
|
|
Service: Policy
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-policy-v1beta1-podsecuritypolicylist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-policy-v1beta1-podsecuritypolicylist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.policy.v1beta1.PodSecurityPolicyList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (policy.v1beta1.PodSecurityPolicyList).
|
|
|
|
Service: Policy
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-policy-v1beta1-podsecuritypolicypatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-policy-v1beta1-podsecuritypolicypatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.policy.v1beta1.PodSecurityPolicyPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (policy.v1beta1.PodSecurityPolicyPatch).
|
|
|
|
Service: Policy
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## rbac
|
|
|
|
### v1alpha1
|
|
|
|
#### kubernetes-rbac-v1alpha1-clusterrole-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-clusterrole-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.ClusterRole.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.ClusterRole).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1alpha1-clusterrolebinding-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-clusterrolebinding-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.ClusterRoleBinding.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.ClusterRoleBinding).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1alpha1-clusterrolebindinglist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-clusterrolebindinglist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.ClusterRoleBindingList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.ClusterRoleBindingList).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1alpha1-clusterrolebindingpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-clusterrolebindingpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.ClusterRoleBindingPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.ClusterRoleBindingPatch).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1alpha1-clusterrolelist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-clusterrolelist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.ClusterRoleList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.ClusterRoleList).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1alpha1-clusterrolepatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-clusterrolepatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.ClusterRolePatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.ClusterRolePatch).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1alpha1-role-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-role-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.Role.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.Role).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1alpha1-rolebinding-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-rolebinding-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.RoleBinding.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.RoleBinding).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1alpha1-rolebindinglist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-rolebindinglist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.RoleBindingList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.RoleBindingList).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1alpha1-rolebindingpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-rolebindingpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.RoleBindingPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.RoleBindingPatch).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1alpha1-rolelist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-rolelist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.RoleList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.RoleList).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1alpha1-rolepatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1alpha1-rolepatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1alpha1.RolePatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (rbac.v1alpha1.RolePatch).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-rbac-v1beta1-clusterrole-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-clusterrole-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.ClusterRole.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.ClusterRole).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1beta1-clusterrolebinding-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-clusterrolebinding-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.ClusterRoleBinding.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.ClusterRoleBinding).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1beta1-clusterrolebindinglist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-clusterrolebindinglist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.ClusterRoleBindingList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.ClusterRoleBindingList).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1beta1-clusterrolebindingpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-clusterrolebindingpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.ClusterRoleBindingPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.ClusterRoleBindingPatch).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1beta1-clusterrolelist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-clusterrolelist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.ClusterRoleList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.ClusterRoleList).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1beta1-clusterrolepatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-clusterrolepatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.ClusterRolePatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.ClusterRolePatch).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1beta1-role-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-role-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.Role.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.Role).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1beta1-rolebinding-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-rolebinding-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.RoleBinding.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.RoleBinding).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1beta1-rolebindinglist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-rolebindinglist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.RoleBindingList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.RoleBindingList).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1beta1-rolebindingpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-rolebindingpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.RoleBindingPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.RoleBindingPatch).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1beta1-rolelist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-rolelist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.RoleList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.RoleList).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-rbac-v1beta1-rolepatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-rbac-v1beta1-rolepatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.rbac.v1beta1.RolePatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (rbac.v1beta1.RolePatch).
|
|
|
|
Service: Rbac
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## resource
|
|
|
|
### v1alpha1
|
|
|
|
#### kubernetes-resource-v1alpha1-podscheduling-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-podscheduling-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.PodScheduling.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.PodScheduling).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha1-podschedulinglist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-podschedulinglist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.PodSchedulingList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.PodSchedulingList).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha1-podschedulingpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-podschedulingpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.PodSchedulingPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.PodSchedulingPatch).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha1-resourceclaim-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-resourceclaim-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.ResourceClaim.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.ResourceClaim).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha1-resourceclaimlist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-resourceclaimlist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.ResourceClaimList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.ResourceClaimList).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha1-resourceclaimpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-resourceclaimpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.ResourceClaimPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.ResourceClaimPatch).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha1-resourceclaimtemplate-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-resourceclaimtemplate-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.ResourceClaimTemplate.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.ResourceClaimTemplate).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha1-resourceclaimtemplatelist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-resourceclaimtemplatelist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.ResourceClaimTemplateList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.ResourceClaimTemplateList).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha1-resourceclaimtemplatepatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-resourceclaimtemplatepatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.ResourceClaimTemplatePatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.ResourceClaimTemplatePatch).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha1-resourceclass-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-resourceclass-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.ResourceClass.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.ResourceClass).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha1-resourceclasslist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-resourceclasslist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.ResourceClassList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.ResourceClassList).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha1-resourceclasspatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha1-resourceclasspatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha1.ResourceClassPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha1.ResourceClassPatch).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1alpha2
|
|
|
|
#### kubernetes-resource-v1alpha2-podschedulingcontext-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-podschedulingcontext-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.PodSchedulingContext.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.PodSchedulingContext).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha2-podschedulingcontextlist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-podschedulingcontextlist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.PodSchedulingContextList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.PodSchedulingContextList).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha2-podschedulingcontextpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-podschedulingcontextpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.PodSchedulingContextPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.PodSchedulingContextPatch).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha2-resourceclaim-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-resourceclaim-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.ResourceClaim.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.ResourceClaim).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha2-resourceclaimlist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-resourceclaimlist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.ResourceClaimList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.ResourceClaimList).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha2-resourceclaimpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-resourceclaimpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.ResourceClaimPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.ResourceClaimPatch).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha2-resourceclaimtemplate-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-resourceclaimtemplate-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.ResourceClaimTemplate.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.ResourceClaimTemplate).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha2-resourceclaimtemplatelist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-resourceclaimtemplatelist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.ResourceClaimTemplateList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.ResourceClaimTemplateList).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha2-resourceclaimtemplatepatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-resourceclaimtemplatepatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.ResourceClaimTemplatePatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.ResourceClaimTemplatePatch).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha2-resourceclass-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-resourceclass-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.ResourceClass.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.ResourceClass).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha2-resourceclasslist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-resourceclasslist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.ResourceClassList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.ResourceClassList).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-resource-v1alpha2-resourceclasspatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-resource-v1alpha2-resourceclasspatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.resource.v1alpha2.ResourceClassPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (resource.v1alpha2.ResourceClassPatch).
|
|
|
|
Service: Resource
|
|
|
|
Resource: v1alpha2
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## scheduling
|
|
|
|
### v1alpha1
|
|
|
|
#### kubernetes-scheduling-v1alpha1-priorityclass-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-scheduling-v1alpha1-priorityclass-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.scheduling.v1alpha1.PriorityClass.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (scheduling.v1alpha1.PriorityClass).
|
|
|
|
Service: Scheduling
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-scheduling-v1alpha1-priorityclasslist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-scheduling-v1alpha1-priorityclasslist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.scheduling.v1alpha1.PriorityClassList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (scheduling.v1alpha1.PriorityClassList).
|
|
|
|
Service: Scheduling
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-scheduling-v1alpha1-priorityclasspatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-scheduling-v1alpha1-priorityclasspatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.scheduling.v1alpha1.PriorityClassPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (scheduling.v1alpha1.PriorityClassPatch).
|
|
|
|
Service: Scheduling
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-scheduling-v1beta1-priorityclass-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-scheduling-v1beta1-priorityclass-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.scheduling.v1beta1.PriorityClass.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (scheduling.v1beta1.PriorityClass).
|
|
|
|
Service: Scheduling
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-scheduling-v1beta1-priorityclasslist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-scheduling-v1beta1-priorityclasslist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.scheduling.v1beta1.PriorityClassList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (scheduling.v1beta1.PriorityClassList).
|
|
|
|
Service: Scheduling
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-scheduling-v1beta1-priorityclasspatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-scheduling-v1beta1-priorityclasspatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.scheduling.v1beta1.PriorityClassPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (scheduling.v1beta1.PriorityClassPatch).
|
|
|
|
Service: Scheduling
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## settings
|
|
|
|
### v1alpha1
|
|
|
|
#### kubernetes-settings-v1alpha1-podpreset-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-settings-v1alpha1-podpreset-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.settings.v1alpha1.PodPreset.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (settings.v1alpha1.PodPreset).
|
|
|
|
Service: Settings
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-settings-v1alpha1-podpresetlist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-settings-v1alpha1-podpresetlist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.settings.v1alpha1.PodPresetList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (settings.v1alpha1.PodPresetList).
|
|
|
|
Service: Settings
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-settings-v1alpha1-podpresetpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-settings-v1alpha1-podpresetpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.settings.v1alpha1.PodPresetPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (settings.v1alpha1.PodPresetPatch).
|
|
|
|
Service: Settings
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
## storage
|
|
|
|
### v1alpha1
|
|
|
|
#### kubernetes-storage-v1alpha1-volumeattachment-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-storage-v1alpha1-volumeattachment-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.storage.v1alpha1.VolumeAttachment.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (storage.v1alpha1.VolumeAttachment).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1alpha1-volumeattachmentlist-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-storage-v1alpha1-volumeattachmentlist-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.storage.v1alpha1.VolumeAttachmentList.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (storage.v1alpha1.VolumeAttachmentList).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1alpha1-volumeattachmentpatch-disallow-alpha-resource
|
|
|
|
Policy name: `kubernetes-storage-v1alpha1-volumeattachmentpatch-disallow-alpha-resource`
|
|
|
|
Code path: `kubernetes.storage.v1alpha1.VolumeAttachmentPatch.disallowAlphaResource`
|
|
|
|
Disallow the use of non-stable (Alpha) Kubernetes resouces (storage.v1alpha1.VolumeAttachmentPatch).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1alpha1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: alpha, api, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
### v1beta1
|
|
|
|
#### kubernetes-storage-v1beta1-csidriver-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-csidriver-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.CSIDriver.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.CSIDriver).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-csidriverlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-csidriverlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.CSIDriverList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.CSIDriverList).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-csidriverpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-csidriverpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.CSIDriverPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.CSIDriverPatch).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-csinode-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-csinode-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.CSINode.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.CSINode).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-csinodelist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-csinodelist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.CSINodeList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.CSINodeList).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-csinodepatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-csinodepatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.CSINodePatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.CSINodePatch).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-csistoragecapacity-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-csistoragecapacity-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.CSIStorageCapacity.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.CSIStorageCapacity).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-csistoragecapacitylist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-csistoragecapacitylist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.CSIStorageCapacityList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.CSIStorageCapacityList).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-csistoragecapacitypatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-csistoragecapacitypatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.CSIStorageCapacityPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.CSIStorageCapacityPatch).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-storageclass-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-storageclass-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.StorageClass.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.StorageClass).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-storageclasslist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-storageclasslist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.StorageClassList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.StorageClassList).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-storageclasspatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-storageclasspatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.StorageClassPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.StorageClassPatch).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-volumeattachment-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-volumeattachment-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.VolumeAttachment.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.VolumeAttachment).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-volumeattachmentlist-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-volumeattachmentlist-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.VolumeAttachmentList.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.VolumeAttachmentList).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|
|
|
|
#### kubernetes-storage-v1beta1-volumeattachmentpatch-disallow-beta-resource
|
|
|
|
Policy name: `kubernetes-storage-v1beta1-volumeattachmentpatch-disallow-beta-resource`
|
|
|
|
Code path: `kubernetes.storage.v1beta1.VolumeAttachmentPatch.disallowBetaResource`
|
|
|
|
Disallow the use of non-stable (Beta) Kubernetes resouces (storage.v1beta1.VolumeAttachmentPatch).
|
|
|
|
Service: Storage
|
|
|
|
Resource: v1beta1
|
|
|
|
Associated metadata for this policy:
|
|
|
|
Severity: <span style='background-color: #F9F88A;'>medium</span>
|
|
|
|
Frameworks: none
|
|
|
|
Topics: api, beta, unstable
|
|
|
|
Link: <https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning>
|