mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-09 17:37:12 +00:00
Code Activity
kyverno/samples/best_practices/disallow_node_port.yaml
Shuting Zhao 46f72cb424 Provide descriptions for policies
2019-10-11 18:57:16 -07:00

20 lines
479 B
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

apiVersion: kyverno.io/v1alpha1
kind: ClusterPolicy
metadata:
name: disallow-node-port
annotations:
policies.kyverno.io/category: Security
policies.kyverno.io/description: Disable exposing the Service on each Nodes IP at a static port
spec:
rules:
- name: disallow-node-port
match:
resources:
kinds:
- Service
validate:
message: "Disallow service of type NodePort"
pattern:
spec:
type: "!NodePort"
View git blame Copy permalink