Enable NGAC by default to be able to showcase the application security features

tetratelabs / tetrate-service-bridge-sandbox

Deploy Tetrate Service Bridge Demo on Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE) and/or Elastic Kubernetes Service (EKS) using Terraform

Apache License 2.0

12 stars 10 forks source link

Enable NGAC by default to be able to showcase the application security features #224

Open nacx opened 1 year ago

nacx commented 1 year ago

FWIW, done in my fork: https://github.com/nacx/tetrate-service-bridge-sandbox/commit/d7ede66d4326efbf009f0a926837310f6f8359df

smarunich commented 1 year ago

@nacx for the team and my own understanding when we enable it... what actually will change from the existing rules? do we affect existing functionality?

nacx commented 1 year ago

Let's hold on this for now, as it will become enabled by default soon (for 1.7 policies we'll start enforcing via NGAC) Currently it only makes the Application stuff work with he approvals stuff, but there is no need to do changes here if we're going to remove the ability to disable it soon.

smarunich commented 1 year ago

sounds good