Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Policies for API actions (create, delete, update) #1037

Closed
ErikLundJensen opened this issue Mar 15, 2024 · 0 comments
Closed

Policies for API actions (create, delete, update) #1037

ErikLundJensen opened this issue Mar 15, 2024 · 0 comments
Labels
enhancement Adding additional functionality or improvements stale Marked as stale by stalebot triage This bug needs triage

Comments

@ErikLundJensen
Copy link

Prevent cluster admins from doing dangerous changes, for example deleting a Kubernetes node.

Could Polaris be extended with rules that includes the API action applied? This will only be rules that the Polaris webhook validator can handle as the Polaris dashboard only looks the current state and have no notation of actions. In theory the Polaris dashboard could be extended to show Kubernetes events related to Polaris webhook rejections, however, that would be another feature request.

A solution could be adding the action as a variable available in the GoLang templates in the custom rule definitions.
@ErikLundJensen ErikLundJensen added enhancement Adding additional functionality or improvements triage This bug needs triage labels Mar 15, 2024
@github-actions github-actions bot added the stale Marked as stale by stalebot label May 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Adding additional functionality or improvements stale Marked as stale by stalebot triage This bug needs triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ErikLundJensen