Default namespace is used
Description
In Kubernetes, the cluster comes out of the box with a namespace called "`default.`" Other namespaces Kubernetes includes are: default, kube-system and kube-public. Some Kubernetes tooling is set up out of the box to use this namespace and you can't delete it. We recommend that you do not use the default namespace in large production systems. Using this space can result in accidental disruption with other services. Instead, we recommend you create alternate namespaces and use them to run additional required services.
Code Example
yaml
apiVersion: <apiVersion>
kind: <kind>
metadata:
name: <name>
+ namespace: <your namespace>
- namespace: defaultRemediation
Kubernetes
- Resource: Pod / Deployment / DaemonSet / StatefulSet / ReplicaSet / ReplicationController / Job / CronJob
- Arguments: namespace (Optional)
Defines the used namespace. Default to default.
Rule Details
| Field | Value |
|---|---|
| ID | IAC-1099 |
| Severity | LOW |
| IaC Type | Kubernetes |
| Frameworks | Kubernetes, |
| Checkov ID | CKV_K8S_21 |