GoogleCloudPlatform / pubsec-declarative-toolkit

The GCP PubSec Declarative Toolkit is a collection of declarative solutions to help you on your Journey to Google Cloud. Solutions are designed using Config Connector and deployed using Config Controller.
Apache License 2.0

feat: Update cluster defaults package with network policies #866

Closed borkodjurkovic-ssc closed 3 months ago

borkodjurkovic-ssc commented 4 months ago

Summary

In order to comply with the nist-sp-800-53-r5-require-namespace-network-policies constraint (of the NIST SP 800-53 Rev. 5 Policy Controller bundle), the cluster-defaults package required updates to add network policies to the gateway-infra and default namespaces.

gateway-infra namespace Network Policy

Added cluster-defaults/admin-namespaces/networkpolicy.yaml file to implement network policy in the gateway-infra namespace.

Network policies implement the following rules:

default namespace Network Policy

Added cluster-defaults/default-namespace/networkpolicy.yaml file to implement network policy in the default namespace.

Network policies implement the following rules:

fmichaelobrien commented 4 months ago

Doing a deeper review around general 800-53 later tonight
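
An added example, not code from this pull request or the toolkit: a pre-merge check in the spirit of the constraint named in the summary, listing the namespaces in a set of manifests that have no NetworkPolicy. The manifests are constructed samples, and two things are assumptions: that the default namespace always exists, and that a NetworkPolicy without metadata.namespace lands in default.

```python
import json

# Constructed sample manifests (not taken from the pull request).
SAMPLE_MANIFESTS = json.loads("""[
  {"apiVersion": "v1", "kind": "Namespace", "metadata": {"name": "gateway-infra"}},
  {"apiVersion": "v1", "kind": "List", "items": [
    {"apiVersion": "v1", "kind": "Namespace", "metadata": {"name": "team-a"}}
  ]},
  {"apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy",
   "metadata": {"name": "default-deny", "namespace": "gateway-infra"},
   "spec": {"podSelector": {}, "policyTypes": ["Ingress", "Egress"]}},
  {"apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy",
   "metadata": {"name": "default-deny"},
   "spec": {"podSelector": {}, "policyTypes": ["Ingress"]}}
]""")


def flatten(objects):
    """Yield individual objects, unwrapping `kind: List` wrappers."""
    for obj in objects:
        if obj.get("kind") == "List":
            yield from flatten(obj.get("items", []))
        else:
            yield obj


def namespaces_missing_network_policy(objects, always_present=("default",)):
    """Return the sorted namespace names that no NetworkPolicy is attached to."""
    namespaces = set(always_present)  # assumption: "default" exists in every cluster
    covered = set()
    for obj in flatten(objects):
        meta = obj.get("metadata", {})
        api = obj.get("apiVersion", "")
        if obj.get("kind") == "Namespace" and api == "v1" and meta.get("name"):
            namespaces.add(meta["name"])
        elif obj.get("kind") == "NetworkPolicy" and api.startswith("networking.k8s.io/"):
            # Assumption: no metadata.namespace means the object lands in "default".
            covered.add(meta.get("namespace", "default"))
    return sorted(namespaces - covered)


if __name__ == "__main__":
    for name in namespaces_missing_network_policy(SAMPLE_MANIFESTS):
        print(f"namespace {name!r} has no NetworkPolicy")
```
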