This is a combination of default network policies within a namespace. No network communication is allowed by default, except for DNS resolution. Set all values to 'true' to remove all restrictions.
| Key | Type | Default | Description |
|---|---|---|---|
| allow_apiserver | bool | false |
Allow the namespace workloads access kube-apiserver endpoint |
| allow_egress_cluster_traffic | bool | false |
Allow outgoing traffic to other cluster namespaces |
| allow_egress_private_traffic | bool | false |
Allow outgoing traffic to internal networks |
| allow_egress_traffic | bool | false |
Allow all outgoing traffic |
| allow_ingress_cluster_traffic | bool | false |
Allow incoming traffic from other cluster namespaces |
| allow_ingress_private_traffic | bool | false |
Allow incoming traffic from internal networks |
| allow_ingress_traffic | bool | false |
Allow all incoming traffic |
| allow_internet | bool | false |
Allow Internet connectivity |
| allow_monitoring | bool | false |
Allow the namespace to be monitored by Prometheus |
| allow_namespace_traffic | bool | false |
Allow any traffic between the applications in this namespace |
| k8s_cluster_type | string | "self-hosted" |
Supported values for cluster type: "gke" or "self-hosted" |
| monitoring_namespace | string | "observability" |
Namespace where Prometheus instance is running |
Autogenerated from chart metadata using helm-docs v1.11.0