86 lines
1.8 KiB
JSON
86 lines
1.8 KiB
JSON
[
|
|
{
|
|
"name": "exclude-automountServiceAccountToken-checks",
|
|
"policyType": "postureExceptionPolicy",
|
|
"actions": [
|
|
"alertOnly"
|
|
],
|
|
"resources": [
|
|
{
|
|
"designatorType": "Attributes",
|
|
"attributes": {
|
|
"kind": "DaemonSet",
|
|
"name": "node-exporter"
|
|
}
|
|
},
|
|
{
|
|
"designatorType": "Attributes",
|
|
"attributes": {
|
|
"kind": "Deployment",
|
|
"name": "blackbox-exporter"
|
|
}
|
|
},
|
|
{
|
|
"designatorType": "Attributes",
|
|
"attributes": {
|
|
"kind": "Deployment",
|
|
"name": "kube-state-metrics"
|
|
}
|
|
},
|
|
{
|
|
"designatorType": "Attributes",
|
|
"attributes": {
|
|
"kind": "Deployment",
|
|
"name": "prometheus-adapter"
|
|
}
|
|
},
|
|
{
|
|
"designatorType": "Attributes",
|
|
"attributes": {
|
|
"kind": "Deployment",
|
|
"name": "prometheus-operator"
|
|
}
|
|
},
|
|
{
|
|
"designatorType": "Attributes",
|
|
"attributes": {
|
|
"kind": "ServiceAccount",
|
|
"name": "prometheus-k8s"
|
|
}
|
|
}
|
|
],
|
|
"posturePolicies": [
|
|
{
|
|
"controlName": "Automatic mapping of service account"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"name": "exclude-node-exporter-host-access-checks",
|
|
"policyType": "postureExceptionPolicy",
|
|
"actions": [
|
|
"alertOnly"
|
|
],
|
|
"resources": [
|
|
{
|
|
"designatorType": "Attributes",
|
|
"attributes": {
|
|
"kind": "DaemonSet",
|
|
"name": "node-exporter"
|
|
}
|
|
}
|
|
],
|
|
"posturePolicies": [
|
|
{
|
|
"controlName": "Container hostPort"
|
|
},
|
|
{
|
|
"controlName": "Host PID/IPC privileges"
|
|
},
|
|
{
|
|
"controlName": "HostNetwork access"
|
|
}
|
|
]
|
|
}
|
|
]
|