Pattern: Ensure AKS cluster has Network Policy configured
Issue: -
A Kubernetes NetworkPolicy object should be defined so that traffic to pods can be allowed or blocked. In a Kubernetes cluster configured with default settings, all pods can discover and communicate with each other without any restrictions.
Resolution: Configure a network policy.
Example of incorrect code:
resource "azurerm_kubernetes_cluster" "bad_example" {
  network_profile {
  }
}
Example of correct code:
resource "azurerm_kubernetes_cluster" "good_example" {
  network_profile {
    network_policy = "calico"
  }
}