Network Policy Disabled
- Query id: c47f90e8-4a19-43f0-8413-cc434d286c4e
- Query name: Network Policy Disabled
- Platform: GoogleDeploymentManager
- Severity: High
- Category: Insecure Configurations
- URL: Github
Description¶
Kubernetes Engine Clusters must have Network Policy enabled, meaning that the attribute 'networkPolicy.enabled' must be true and the attribute 'addonsConfig.networkPolicyConfig.disabled' must be false
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Postitive test num. 1 - yaml file
resources:
- name: cluster
type: container.v1.cluster
properties:
description: my-cluster
Postitive test num. 2 - yaml file
resources:
- name: cluster
type: container.v1.cluster
properties:
description: my-cluster
networkPolicy:
enabled: false
Postitive test num. 3 - yaml file
resources:
- name: cluster
type: container.v1.cluster
properties:
description: my-cluster
addonsConfig:
networkPolicyConfig:
disabled: true