github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/kubernetes/policies/general - go module viewer
github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/kubernetes/policies/general (about)
CPU_not_limited.rego
CPU_not_limited_test.rego
CPU_requests_not_specified.rego
CPU_requests_not_specified_test.rego
SYS_ADMIN_capability.rego
SYS_ADMIN_capability_test.rego
allowing_create_role_binding_and_associate_privileged_clusterrole.rego
allowing_create_role_binding_and_associate_privileged_clusterrole_test.rego
allowing_create_role_clusterrolebinding_and_associate_privileged_clusterrole.rego
allowing_create_role_clusterrolebinding_and_associate_privileged_clusterrole_test.rego
allowing_to_update_a_malicious_pod.rego
allowing_to_update_a_malicious_pod_test.rego
allowing_users_rolebinding_add_other_users_rolebindings.rego
allowing_users_rolebinding_add_other_users_rolebindings_test.rego
any_any.rego
any_any_test.rego
any_verb.rego
any_verb_test.rego
attaching_pod_view_logs_realtime.rego
attaching_pod_view_logs_realtime_test.rego
capabilities_no_drop_all.rego
capabilities_no_drop_all_test.rego
delete_pod_logs.rego
delete_pod_logs_test.rego
file_system_not_read_only.rego
file_system_not_read_only_test.rego
get_shell_on_pod.rego
get_shell_on_pod_test.rego
impersonate_privileged_groups.rego
impersonate_privileged_groups_test.rego
manage_all_resources.rego
manage_all_resources_at_namespace.rego
manage_all_resources_at_the_namespace_test.rego
manage_all_resources_test.rego
manage_configmaps.rego
manage_configmaps_test.rego
manage_eks_iam_auth_configmap.rego
manage_eks_iam_auth_configmap_test.rego
manage_kubernetes_networking.rego
manage_kubernetes_networking_test.rego
manage_kubernetes_rbac_resources.rego
manage_kubernetes_rbac_resources_test.rego
manage_namespace_secrets.rego
manage_namespace_secrets_test.rego
manage_secrets.rego
manage_secrets_test.rego
manage_webhook_configurations.rego
manage_webhook_configurations_test.rego
memory_not_limited.rego
memory_not_limited_test.rego
memory_requests_not_specified.rego
memory_requests_not_specified_test.rego
mounts_docker_socket.rego
mounts_docker_socket_test.rego
privilege_escalation_from_node_proxy.rego
privilege_escalation_from_node_proxy_test.rego
runs_with_GID_le_10000.rego
runs_with_GID_le_10000_test.rego
runs_with_UID_le_10000.rego
runs_with_UID_le_10000_test.rego
runs_with_a_root_primary_or_supplementary_GID.rego
runs_with_a_root_primary_or_supplementary_GID_test.rego
tiller_is_deployed.rego
tiller_is_deployed_test.rego
uses_image_tag_latest.rego
uses_image_tag_latest_test.rego