Fury Kubernetes OPA provides a policy engine based on OPA Gatekeeper to enable custom policy enforcement in a Kubernetes Cluster.
The following packages are included in the Fury Kubernetes OPA module:
- Gatekeeper: Ready to use gatekeeper deployment plus a set of rules. Version: v3.1.0-beta.8
- Gatekeeper Core: Gatekeeper deployment, ready to apply rules. Version: v3.1.0-beta.8
- Gatekeeper Rules: Gatekeeper rules:
  - deny Docker images with the `latest` tag
  - deny pods that have no limits declared (both CPU and memory)
  - deny pods that explicitly allow privilege escalation
  - deny pods that run as root
  - deny pods that don't declare livenessProbe and readinessProbe
  - deny duplicated ingresses
You can click on each package to see its documentation.
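How two of the rules listed above (the `latest` tag and explicit privilege escalation) can be expressed for Gatekeeper, as an added example that is not this module's own rule code. The template name `k8sexamplepodbaseline`, the kind `K8sExamplePodBaseline` and the constraint name `pod-baseline` are hypothetical.

```yaml
apiVersion: templates.gatekeeper.sh/v1beta1
kind: ConstraintTemplate
metadata:
  name: k8sexamplepodbaseline   # hypothetical; must be the lowercased kind
spec:
  crd:
    spec:
      names:
        kind: K8sExamplePodBaseline   # hypothetical kind
  targets:
    - target: admission.k8s.gatekeeper.sh
      rego: |
        package k8sexamplepodbaseline

        # Regular and init containers of the Pod under review.
        containers[c] { c := input.review.object.spec.containers[_] }
        containers[c] { c := input.review.object.spec.initContainers[_] }

        # Explicit :latest tag.
        uses_latest(image) { endswith(image, ":latest") }
        # No tag and no digest resolves to :latest. Only the last path
        # segment is checked, so registry:5000/app is not read as a tag.
        uses_latest(image) {
          not contains(image, "@")
          parts := split(image, "/")
          not contains(parts[count(parts) - 1], ":")
        }

        violation[{"msg": msg}] {
          c := containers[_]
          uses_latest(c.image)
          msg := sprintf("container <%v> uses image <%v> with the latest tag", [c.name, c.image])
        }

        violation[{"msg": msg}] {
          c := containers[_]
          c.securityContext.allowPrivilegeEscalation == true
          msg := sprintf("container <%v> sets allowPrivilegeEscalation: true", [c.name])
        }
---
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: K8sExamplePodBaseline
metadata:
  name: pod-baseline   # hypothetical constraint name
spec:
  match:
    kinds:
      - apiGroups: [""]
        kinds: ["Pod"]
```

The template has to be established in the cluster before the constraint is applied, because the constraint's kind is a CRD that Gatekeeper generates from the template.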
All packages in this repository have the following dependencies. For package-specific dependencies, please visit the single package's documentation:
- Kubernetes >= v1.14.0
- Furyctl package manager to download Fury packages >= v0.2.2
- Kustomize = v3.3.0
Module Version / Kubernetes Version | 1.14.X | 1.15.X | 1.16.X |
---|---|---|---|
v1.0.0 | ✅ | ✅ | ✅ |
For license details please see LICENSE