Name		Name	Last commit message	Last commit date
parent directory ..
.krmignore		.krmignore
1.1.1_asm-ingressgateway-label.yaml		1.1.1_asm-ingressgateway-label.yaml
1.1.2_asm-sidecar-injection.yaml		1.1.2_asm-sidecar-injection.yaml
1.2.1_asm-authz-policy-mesh-default-deny.yaml		1.2.1_asm-authz-policy-mesh-default-deny.yaml
1.2.2_asm-authz-policy-normalization.yaml		1.2.2_asm-authz-policy-normalization.yaml
1.2.3_asm-authz-policy-safe-pattern.yaml		1.2.3_asm-authz-policy-safe-pattern.yaml
1.3.1_asm-peer-authn-mesh-strict-mtls.yaml		1.3.1_asm-peer-authn-mesh-strict-mtls.yaml
1.3.2_asm-peer-authn-strict-mtls.yaml		1.3.2_asm-peer-authn-strict-mtls.yaml
1.4.1_asm-request-authn-prohibited-output-headers.yaml		1.4.1_asm-request-authn-prohibited-output-headers.yaml
Kptfile		Kptfile
LICENSE		LICENSE
README.md		README.md
kustomization.yaml		kustomization.yaml

README.md

Anthos Service Mesh Policy v0.0.1

Description

The Anthos Service Mesh security policy bundle enforces policies in the following domains:

Anthos Service Mesh enforce mTLS traffic
Anthos Service Mesh AuthorizationPolicy best practices
Anthos Service Mesh workload security enforcement

Compatibility

This bundle requires Policy Controller v1.11.2 or higher.

Usage

(Optional) Preview the policy constraints with kubectl:

kubectl kustomize https://github.com/GoogleCloudPlatform/gke-policy-library.git/bundles/asm-policy-v0.0.1

Apply the policy constraints with kubectl:

kubectl apply -k https://github.com/GoogleCloudPlatform/gke-policy-library.git/bundles/asm-policy-v0.0.1

Configurable fields

enforcementAction: The enforcement mode of the constraints, options are dryrun (default), deny or warn.
strictness-level: The strictness level of the security policy constraints, options are Low or High (default).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

asm-policy-v0.0.1

asm-policy-v0.0.1

.krmignore

.krmignore

1.1.1_asm-ingressgateway-label.yaml

1.1.1_asm-ingressgateway-label.yaml

1.1.2_asm-sidecar-injection.yaml

1.1.2_asm-sidecar-injection.yaml

1.2.1_asm-authz-policy-mesh-default-deny.yaml

1.2.1_asm-authz-policy-mesh-default-deny.yaml

1.2.2_asm-authz-policy-normalization.yaml

1.2.2_asm-authz-policy-normalization.yaml

1.2.3_asm-authz-policy-safe-pattern.yaml

1.2.3_asm-authz-policy-safe-pattern.yaml

1.3.1_asm-peer-authn-mesh-strict-mtls.yaml

1.3.1_asm-peer-authn-mesh-strict-mtls.yaml

1.3.2_asm-peer-authn-strict-mtls.yaml

1.3.2_asm-peer-authn-strict-mtls.yaml

1.4.1_asm-request-authn-prohibited-output-headers.yaml

1.4.1_asm-request-authn-prohibited-output-headers.yaml

Kptfile

Kptfile

LICENSE

LICENSE

README.md

README.md

kustomization.yaml

kustomization.yaml

README.md

Anthos Service Mesh Policy v0.0.1

Description

Compatibility

Usage

(Optional) Preview the policy constraints with kubectl:

Apply the policy constraints with kubectl:

Configurable fields

For more information visit: https://cloud.google.com/anthos-config-management/docs/how-to/using-asm-security-policy

Files

asm-policy-v0.0.1

Directory actions

More options

Directory actions

More options

Latest commit

History

asm-policy-v0.0.1

Folders and files

parent directory

Anthos Service Mesh Policy v0.0.1

Description

Compatibility

Usage

(Optional) Preview the policy constraints with kubectl:

Apply the policy constraints with kubectl:

Configurable fields

For more information visit: https://cloud.google.com/anthos-config-management/docs/how-to/using-asm-security-policy