-
**What happened**:
I created a new EKS clusters and enabled network policy in the VPC-CNI, but I realized the following `NetworkPolicy` blocks the dns resolution requests. It was working when I used …
-
### Description
Requests incorrectly fail `libinjection` detection (with `sos` fingerprint) for a fairly mundane string input.
### How to reproduce the misbehavior (-> curl call)
```
curl ht…
-
## summary
We've been thinking about how `gh at verify` works. We've realized that `gh at verify` is in effect used to evaluate policy – and that therefore we have to improve its user experience.
As…
-
Currently when using the inline eval in VS code, it includes the whole workspace in its evaluation.
This causes issues for those that have many different project roots that do not import or use eac…
-
### Description
#### Current Limitations
The Terraform AWS provider does use the `UpdateWebACL` API, but only for updating WAF ACLs that it manages and not quite in the way we need for dynamically m…
-
### Kyverno CLI Version
main
### Description
1.12.5
```go
func Test_DocumentToUntyped(t *testing.T) {
m := map[string]interface{}{
"key": 1,
}
v, _ := DocumentToUntyped(m)
fmt.Pr…
-
### Kyverno Version
1.12
### Kubernetes Version
1.29
### Kubernetes Platform
EKS
### Description
I created the following clusterPolicy to prevent updates to the existing ingress annotation (alb…
-
### What would you like to be added?
I would like to be able to set multiple policies that match a given scope with VAP and have VAP to resolve conflicts between policies based on some sort of policy…
-
## Hello!
- Vote on this issue by adding a 👍 reaction
- If you want to document this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
## Affected area/feature
…
-
### Description
While exploring work related to adding multi-tenancy it came to my attention that we would need to add tenant specific policies and processes for evaluating and authorizing access to …