The following rules are included within PSRule.Rules.Kubernetes.

Name | Synopsis | Severity |
---|---|---|
Kubernetes.API.v1.16 | Avoid using legacy API endpoints not served by Kubernetes v1.16. | Important |
Kubernetes.API.v1.17 | Avoid using legacy API endpoints not served by Kubernetes v1.17. | Important |
Kubernetes.API.v1.20 | Avoid using legacy API endpoints not served by Kubernetes v1.20. | Important |

Name | Synopsis | Severity |
---|---|---|
Kubernetes.Metadata | Use Kubernetes common labels. | Awareness |

Name | Synopsis | Severity |
---|---|---|
Kubernetes.Pod.Resources | Set CPU and memory requirements for each container. | Important |

Name | Synopsis | Severity |
---|---|---|
Kubernetes.Pod.Health | Containers should use liveness and readiness probes. | Important |
Kubernetes.Pod.Replicas | Use two or more replicas. | Important |

Name | Synopsis | Severity |
---|---|---|
Kubernetes.AKS.PublicLB | Use internal Azure load balancers. | Critical |
Kubernetes.Pod.Latest | Containers should use specific tags instead of latest. | Important |
Kubernetes.Pod.PrivilegeEscalation | Containers should deny privilege escalation. | Critical |
Kubernetes.Pod.Secrets | Sensitive environment variables should be referenced as a secret. | Critical |