Closed seungsoo-lee closed 2 years ago
Like the network policy validation, we can expect that the discovered system policies can be saturated within some time.
Thus, after those discovered system policies are applied, there should be no denied action from KubeArmor.
For the first step, we need to validate it against multiubuntu pods because we know there is some limited actions.
Then, we need to validate it against other real microservices (e.g., google Hipster)
This validation is now done. We have a way v2 version of system policies that are stable.
Like the network policy validation, we can expect that the discovered system policies can be saturated within some time.
Thus, after those discovered system policies are applied, there should be no denied action from KubeArmor.
For the first step, we need to validate it against multiubuntu pods because we know there is some limited actions.
Then, we need to validate it against other real microservices (e.g., google Hipster)