
Ensure network policy is assigned to Kubernetes cluster.

Description

This policy checks whether a yandex_kubernetes_cluster resource has a network policy provider assigned via the network_policy_provider attribute. By default Kubernetes places no restrictions on pod-to-pod traffic: every pod can reach every other pod in the cluster and any external address. Kubernetes NetworkPolicy objects are the mechanism for restricting that traffic, but the API server only stores them; they are enforced by a network policy provider running in the cluster's networking layer. A cluster created without a provider therefore runs a flat, fully open pod network, and any NetworkPolicy manifests applied to it are accepted but silently ignored, which leaves every workload reachable from any compromised pod. Assigning a provider makes NetworkPolicy enforceable, so ingress and egress can be restricted per namespace and per workload and the lateral-movement attack surface reduced.

Code Example

```terraform
# Compliant fragment: the attribute CKV_YC_16 looks for. The other required
# cluster arguments (network_id, master, service accounts) are omitted here.
resource "yandex_kubernetes_cluster" "example" {
  network_policy_provider = "CALICO"
}
```

Remediation

Set the network_policy_provider attribute on the yandex_kubernetes_cluster resource; the Yandex Cloud Terraform provider accepts the value "CALICO". This only turns on enforcement: pod traffic remains unrestricted until NetworkPolicy objects (for example a per-namespace default deny with explicit allow rules) are applied to the cluster, so the attribute should be paired with actual policies.
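The following is an added example, not code from the Checkov policy page or from Yandex Cloud. It shows a complete yandex_kubernetes_cluster that passes this check next to the non-compliant shape it replaces, and then the NetworkPolicy objects that actually restrict traffic once Calico is enabled: a default deny for a namespace plus the DNS egress exception a default deny always needs. The variable names, the `default` namespace, and the wiring of the kubernetes provider through `data "yandex_client_config"` and the cluster's `master[0]` outputs are assumptions of this example; replace the placeholder IDs with your own.

```terraform
# Added example (not from the original page). Placeholder inputs:
variable "network_id" { type = string }
variable "subnet_id" { type = string }
variable "zone" {
  type    = string
  default = "ru-central1-a"
}
variable "cluster_sa_id" { type = string }
variable "node_sa_id" { type = string }

# Non-compliant shape (fails CKV_YC_16): no network_policy_provider, so every
# pod can reach every other pod and NetworkPolicy objects are ignored.
#
# resource "yandex_kubernetes_cluster" "insecure" {
#   name                    = "insecure"
#   network_id              = var.network_id
#   master {
#     zonal {
#       zone      = var.zone
#       subnet_id = var.subnet_id
#     }
#   }
#   service_account_id      = var.cluster_sa_id
#   node_service_account_id = var.node_sa_id
# }

# Compliant: Calico enabled, so NetworkPolicy is enforced.
resource "yandex_kubernetes_cluster" "example" {
  name       = "example"
  network_id = var.network_id

  master {
    zonal {
      zone      = var.zone
      subnet_id = var.subnet_id
    }
    public_ip = true
  }

  service_account_id      = var.cluster_sa_id
  node_service_account_id = var.node_sa_id

  # The attribute this policy checks for.
  network_policy_provider = "CALICO"
}

# Assumed wiring of the kubernetes provider to the cluster just created.
data "yandex_client_config" "client" {}

provider "kubernetes" {
  host                   = yandex_kubernetes_cluster.example.master[0].external_v4_endpoint
  cluster_ca_certificate = yandex_kubernetes_cluster.example.master[0].cluster_ca_certificate
  token                  = data.yandex_client_config.client.iam_token
}

# Default deny: empty pod_selector matches every pod in the namespace; with
# both policy types listed and no rules, all ingress and egress is dropped.
resource "kubernetes_network_policy" "default_deny" {
  metadata {
    name      = "default-deny-all"
    namespace = "default"
  }
  spec {
    pod_selector {}
    policy_types = ["Ingress", "Egress"]
  }
}

# A default deny also blocks DNS, which breaks every workload. Allow egress
# to the cluster DNS in kube-system on port 53; add further allow rules per
# workload from here.
resource "kubernetes_network_policy" "allow_dns" {
  metadata {
    name      = "allow-dns-egress"
    namespace = "default"
  }
  spec {
    pod_selector {}
    policy_types = ["Egress"]
    egress {
      ports {
        port     = "53"
        protocol = "UDP"
      }
      ports {
        port     = "53"
        protocol = "TCP"
      }
      to {
        namespace_selector {
          match_labels = {
            "kubernetes.io/metadata.name" = "kube-system"
          }
        }
      }
    }
  }
}
```

Policies are additive: once the default deny is in place, each additional NetworkPolicy only widens what is allowed, so start from deny and add rules per workload rather than the reverse. Run `checkov -d .` against this directory to confirm CKV_YC_16 passes for `example` and fails if the commented-out `insecure` resource is restored.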

Rule Details

| Field | Value |
|---|---|
| ID | IAC-1349 |
| Severity | MEDIUM |
| IaC Type | Terraform |
| Frameworks | yandex_kubernetes_cluster |
| Checkov ID | CKV_YC_16 |
