This message was deleted Rancher Users #neuvector-security

Join Slack

This message was deleted.

# neuvector-security

adamant-kite-43734

08/01/2023, 6:17 AM

This message was deleted.

quaint-candle-18606

08/02/2023, 12:58 PM

How did you install NeuVector? (Helm? example yaml files? other?)

clean-postman-21544

08/02/2023, 1:00 PM

Helm. I used only

neuvector-core

chart.

✅ 1

quaint-candle-18606

08/02/2023, 1:26 PM

Maybe its crabby that you also didn’t add a namespace?

quaint-candle-18606

08/02/2023, 1:27 PM

a la

Copy code

metadata:
    name: user-created.test.deny
    namespace: test-deny

quaint-candle-18606

08/02/2023, 1:27 PM

The namespace needs to exist, as well

quaint-candle-18606

08/02/2023, 1:28 PM

It might be easier in the long run to create the CRD rule in NeuVector and export it versus hand-spinning it. Maybe. 🙂

quaint-candle-18606

08/02/2023, 1:44 PM

Copy code

apiVersion: <http://neuvector.com/v1|neuvector.com/v1>
kind: NvAdmissionControlSecurityRule
metadata:
  name: local
spec:
  config:
    client_mode: service
    enable: false
    mode: monitor
  rules:
  - action: deny
    comment: deny deployments to default ns
    criteria:
    - name: namespace
      op: containsAny
      path: namespace
      value: default
    rule_mode: protect

clean-postman-21544

08/03/2023, 6:25 AM

thank you Jorn! Your manifests worked, the

config

section helped.

🙌 1

49 Views

Open in Slack

Previous Next