bug(azure): cilium is missing in network_policy from Azure AKS resource #7297

Open
HujinoKun opened this issue Nov 20, 2024 · 0 comments
Labels: azure (PR related with Azure Cloud), bug (Something isn't working), community (Community contribution), kubernetes (Kubernetes query), query (New query feature), terraform (Terraform query)


Hello,

When I run a scan with kics, it tells me that I'm not using network_policy, even though I'm using cilium.

AKS Network Policy Misconfigured, Severity: LOW, Results: 1
Description: Azure Kubernetes Service should have the proper network policy configuration to ensure the principle of least privileges, which means that 'network_profile.network_policy' should be defined
Platform: Terraform
CWE: 285
Learn more about this vulnerability: https://docs.kics.io/latest/queries/terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef
	[1]: main.tf:145
		144:     network_plugin     = "azure"
		145:     network_policy     = "cilium"
		146:     network_data_plane = "cilium"

Looking at the alert and URLs, I came across this code:

https://github.com/Checkmarx/kics/blob/master/assets/queries/terraform/azure/aks_network_policy_misconfigured/query.rego

Would you please add cilium to the list? It would be great 💯

@HujinoKun added the bug and community labels on Nov 20, 2024
@github-actions (bot) added the query, terraform, azure and kubernetes labels on Nov 20, 2024
@HujinoKun changed the title from "bug(AZURE/AKS): Cilium is missing in network_policy from Azure AKS resource" to "bug(azure/aks): cilium is missing in network_policy from Azure AKS resource" on Nov 20, 2024
@HujinoKun changed the title from "bug(azure/aks): cilium is missing in network_policy from Azure AKS resource" to "bug(azure): cilium is missing in network_policy from Azure AKS resource" on Nov 20, 2024
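
A Python model of the allow-list check this report is about, added here as an illustration; it is not KICS's query.rego and not code from the reporter. The function name, the dict representation of `network_profile`, and the two-value "without cilium" list are assumptions; the accepted values and the cilium/data-plane pairing follow the azurerm provider documentation.

```python
# Added illustration: allow-list check on an AKS network_profile block.
# Hypothetical names throughout; this is not the KICS Rego query.

# Values the azurerm provider documents for network_profile.network_policy.
ALLOWED_POLICIES = frozenset({"azure", "calico", "cilium"})

# Assumed allow-list that predates cilium support, used only to show
# how the false positive in the report would arise.
ALLOWED_WITHOUT_CILIUM = frozenset({"azure", "calico"})

# Constructed sample: the three attributes quoted at main.tf:144-146.
REPORTED_PROFILE = {
    "network_plugin": "azure",
    "network_policy": "cilium",
    "network_data_plane": "cilium",
}


def check_network_profile(profile, allowed=ALLOWED_POLICIES):
    """Return a list of findings for one network_profile block (a dict)."""
    profile = profile or {}
    policy = profile.get("network_policy")

    # Missing attribute: the condition the scanner's description names.
    if policy is None:
        return ["network_policy is not defined"]

    # Value outside the allow-list: where an outdated list misfires.
    if policy not in allowed:
        return [f"network_policy {policy!r} is not a supported value"]

    findings = []
    # Provider constraints that make the chosen policy actually take effect.
    if policy == "azure" and profile.get("network_plugin") != "azure":
        findings.append("network_policy 'azure' requires network_plugin 'azure'")
    if policy == "cilium" and profile.get("network_data_plane") != "cilium":
        findings.append(
            "network_policy 'cilium' requires network_data_plane 'cilium'"
        )
    return findings


if __name__ == "__main__":
    print("current list :", check_network_profile(REPORTED_PROFILE))
    print("without cilium:",
          check_network_profile(REPORTED_PROFILE, ALLOWED_WITHOUT_CILIUM))
```

Checking the data-plane pairing alongside the allow-list keeps the rule from passing a `cilium` policy that the provider would reject.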