├── .github ├── dependabot.yml └── workflows │ └── validate.yml ├── .gitignore ├── CLAUDE.md ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── LICENSE ├── OWNERS ├── README.md ├── SECURITY.md ├── blogs └── README.md ├── community ├── AC-Access-Control │ ├── policy-configure-appworkloads-rbac-sample.yaml │ ├── policy-configure-clusterlevel-rbac.yaml │ ├── policy-gatekeeper-disallow-anonymous.yaml │ ├── policy-gatekeeper-limitclusteradmin.yaml │ ├── policy-rbac-adminiterpolicies-sample.yaml │ ├── policy-roles-no-wildcards.yaml │ └── policy-standalone-hubtemplate-config.yaml ├── AU-Audit-and-Accountability │ └── policy-openshift-audit-logs-sample.yaml ├── CA-Security-Assessment-and-Authorization │ ├── policy-check-fips.yaml │ └── policy-compliance-operator-install-upstream.yaml ├── CM-Configuration-Management │ ├── acm-app-pv-backup │ │ ├── README.md │ │ ├── input │ │ │ ├── pv-snap │ │ │ │ └── hdr-app-configmap.txt │ │ │ └── restic │ │ │ │ └── hdr-app-configmap.txt │ │ └── resources │ │ │ ├── policies │ │ │ ├── oadp-hdr-app-backup.yaml │ │ │ ├── oadp-hdr-app-install.yaml │ │ │ └── oadp-hdr-app-restore.yaml │ │ │ └── policy-sets │ │ │ ├── acm-app-backup-policy-set.yaml │ │ │ └── acm-app-restore-policy-set.yaml │ ├── acm-hub-pvc-backup │ │ ├── README.md │ │ ├── acm-hub-pvc-backup-config.yaml │ │ ├── acm-hub-pvc-backup-destination.yaml │ │ ├── acm-hub-pvc-backup-policyset.yaml │ │ ├── acm-hub-pvc-backup-source.yaml │ │ ├── acm-hub-pvc-placement.yaml │ │ └── images │ │ │ ├── backup_dest_policy.png │ │ │ ├── backup_dest_policy_1.png │ │ │ ├── backup_source_policy.png │ │ │ ├── backup_source_policy_1.png │ │ │ ├── config_policy.png │ │ │ ├── policies.png │ │ │ ├── policyset.png │ │ │ ├── restore_dest_policy.png │ │ │ ├── restore_dest_policy_1.png │ │ │ ├── restore_dest_pvc.png │ │ │ ├── restore_dest_rd.png │ │ │ └── restore_source_policy.png │ ├── policy-acs-operator-central.yaml │ ├── policy-acs-operator-secured-clusters.yaml │ ├── policy-ansible-awx-operator.yaml │ ├── policy-argocd-kubernetes.yaml │ ├── policy-automation-operator.yaml │ ├── policy-autoscaler-templatized.yaml │ ├── policy-autoscaler.yaml │ ├── policy-aws-machine-sets.yaml │ ├── policy-cert-manager-operator.yaml │ ├── policy-check-policyreports.yaml │ ├── policy-check-reports.yaml │ ├── policy-cluster-dns-sample.yaml │ ├── policy-cluster-logforwarder-templatized.yaml │ ├── policy-cluster-network-sample.yaml │ ├── policy-cluster-proxy-sample.yaml │ ├── policy-compliance-operator-high-scan.yaml │ ├── policy-compliance-operator-hypershift-hosted-cluster.yaml │ ├── policy-compliance-operator-moderate-scan.yaml │ ├── policy-compliance-operator-nerc-cip-scan.yaml │ ├── policy-compliance-operator-pci-dss-scan.yaml │ ├── policy-configure-logforwarding.yaml │ ├── policy-configure-subscription-admin-hub.yaml │ ├── policy-continuous-restore-backup-triliovault-for-kubernetes.yaml │ ├── policy-continuous-restore-event-target-triliovault-for-kubernetes.yaml │ ├── policy-continuous-restore-triliovault-for-kubernetes.yaml │ ├── policy-create-helm-backup-triliovault-for-kubernetes.yaml │ ├── policy-create-label-backup-triliovault-for-kubernetes.yaml │ ├── policy-create-license-triliovault-for-kubernetes-upstream.yaml │ ├── policy-create-ns-backup-triliovault-for-kubernetes-templatized.yaml │ ├── policy-create-ns-backup-triliovault-for-kubernetes.yaml │ ├── policy-create-operator-backup-triliovault-for-kubernetes.yaml │ ├── policy-custom-catalog.yaml │ ├── policy-egress-firewall-sample.yaml │ ├── policy-enable-if-etcd-encrypted-templatized.yaml │ ├── policy-enable-if-ns-exists-templatized.yaml │ ├── policy-engineering-configmap.yaml │ ├── policy-engineering-pod-disruption-budget.yaml │ ├── policy-etcd-backup.yaml │ ├── policy-file-integrity-operator.yaml │ ├── policy-gatekeeper-allowed-external-ips.yaml │ ├── policy-gatekeeper-annotation-owner.yaml │ ├── policy-gatekeeper-container-image-latest.yaml │ ├── policy-gatekeeper-container-livenessprobenotset.yaml │ ├── policy-gatekeeper-container-readinessprobenotset.yaml │ ├── policy-gatekeeper-container-tgps.yaml │ ├── policy-gatekeeper-image-pull-policy.yaml │ ├── policy-gatekeeper-operator.yaml │ ├── policy-gatekeeper-sample.yaml │ ├── policy-github-oauth-sample.yaml │ ├── policy-idp-operator.yaml │ ├── policy-idp-sample-github.yaml │ ├── policy-image-policy-sample.yaml │ ├── policy-ingress-controller.yaml │ ├── policy-install-external-secrets.yaml │ ├── policy-install-kyverno.yaml │ ├── policy-install-triliovault-for-kubernetes-using-helm.yaml │ ├── policy-install-triliovault-for-kubernetes.yaml │ ├── policy-integrity-shield-events.yaml │ ├── policy-integrity-shield-observer.yaml │ ├── policy-integrity-shield.yaml │ ├── policy-kernel-devel.yaml │ ├── policy-kyverno-add-network-policy.yaml │ ├── policy-kyverno-add-quota.yaml │ ├── policy-kyverno-config-exclude-resources.yaml │ ├── policy-kyverno-container-tgps.yaml │ ├── policy-kyverno-image-pull-policy.yaml │ ├── policy-kyverno-operator.yaml │ ├── policy-kyverno-sample.yaml │ ├── policy-kyverno-sync-secrets.yaml │ ├── policy-label-cluster.yaml │ ├── policy-label-worker-nodes.yaml │ ├── policy-local-storage-operator.yaml │ ├── policy-lvm-operator.yaml │ ├── policy-machineconfig-chrony.yaml │ ├── policy-managedclusterinfo-templatized.yaml │ ├── policy-managedclustersetbinding.yaml │ ├── policy-mce-hcp-autoimport.yaml │ ├── policy-network-policy-samples.yaml │ ├── policy-nginx-deployment-templatized.yaml │ ├── policy-nginx-deployment.yaml │ ├── policy-oadp.yaml │ ├── policy-oauth-config.yaml │ ├── policy-oauth-htpasswd.yaml │ ├── policy-oauth-ldapsync.yaml │ ├── policy-oc-client-cronjob.yaml │ ├── policy-odf.yaml │ ├── policy-opa-sample.yaml │ ├── policy-openshift-gitops-policygenerator.yaml │ ├── policy-openshift-gitops.yaml │ ├── policy-openshift-serverless.yaml │ ├── policy-openshift-servicemesh.yaml │ ├── policy-pao-operator.yaml │ ├── policy-persistent-data-management.yaml │ ├── policy-pod-disruption-budget-templatized.yaml │ ├── policy-pod-placement.yaml │ ├── policy-proxy-protocol.yaml │ ├── policy-ptp-operator.yaml │ ├── policy-resiliency-image-pruner.yaml │ ├── policy-rhoda-operator.yaml │ ├── policy-rosa-autoimport.yaml │ ├── policy-scheduler.yaml │ ├── policy-sriov-operator.yaml │ ├── policy-sriovnetwork-templatized.yaml │ ├── policy-trusted-container.yaml │ ├── policy-trusted-node.yaml │ ├── policy-update-service-openshift-cluster.yaml │ ├── policy-upgrade-openshift-cluster.yaml │ ├── policy-vsphere-machine-set.yaml │ ├── policy-web-terminal-operator.yaml │ ├── policy-ztp-node-add-static.yaml │ ├── policy-ztp-node-add.yaml │ ├── policy-zts-cmc-deployment.yaml │ ├── policy-zts-xcrypt-deployment.yaml │ ├── policy-zts-xcrypt-rbac.yaml │ └── terminating-configpolicies.yaml ├── Operator-Management │ ├── README.md │ └── policy-cnv-mtv-operators │ │ ├── README.md │ │ ├── placement-cnv.yaml │ │ ├── policy-cnv.yaml │ │ └── policy-mtv.yaml ├── README.md ├── SC-System-and-Communications-Protection │ ├── policy-checkclusteroperator.yaml │ ├── policy-checknamespaces-terminating.yaml │ ├── policy-disable-self-provisioner.yaml │ ├── policy-ocp4-certs.yaml │ └── policy-remove-kubeadmin.yaml └── SI-System-and-Information-Integrity │ ├── policy-blackduck.yaml │ ├── policy-crowdstrike-falcon-rhmp.yaml │ ├── policy-falco-auditing.yaml │ ├── policy-falco-helm.yaml │ ├── policy-falco.yaml │ └── policy-sysdig.yaml ├── deploy ├── README.md ├── application.yaml ├── application_template.json ├── argoDeploy.sh ├── channel.yaml ├── channel_template.json ├── deploy.sh ├── kustomization_template.yaml ├── placement.yaml ├── placement_template.json ├── remove.sh ├── subscription.yaml ├── subscription_placement_template.json └── subscription_template.json ├── policygenerator ├── README.md ├── kustomize │ ├── kustomization.yml │ ├── policy1_deployment │ │ ├── deployment.yaml │ │ ├── namespace.yaml │ │ ├── route.yaml │ │ └── service.yaml │ ├── policy2_gatekeeper │ │ └── gatekeeper.yaml │ ├── policy3_kyverno │ │ └── kyverno.yaml │ └── policyGenerator.yaml ├── policy-sets │ ├── README.md │ ├── community │ │ ├── README.md │ │ ├── acs-secure │ │ │ ├── README.md │ │ │ ├── input-sensor │ │ │ │ ├── acs-check-certificates.yaml │ │ │ │ ├── policy-acs-sync-resources.yaml │ │ │ │ ├── policy-advanced-managed-cluster-security.yaml │ │ │ │ └── policy-advanced-managed-cluster-status.yaml │ │ │ ├── kustomization.yml │ │ │ └── policyGenerator.yaml │ │ ├── gatekeeper │ │ │ ├── README.md │ │ │ ├── images │ │ │ │ ├── policies-installed.png │ │ │ │ ├── policies.png │ │ │ │ ├── policysets.png │ │ │ │ ├── subscription.png │ │ │ │ └── topology.png │ │ │ ├── input │ │ │ │ ├── any-warn-deprecated-api-versions │ │ │ │ │ ├── src.rego │ │ │ │ │ └── src_test.rego │ │ │ │ ├── container-deny-added-caps │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ ├── container-deny-escalation │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ ├── container-deny-latest-tag │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ ├── container-deny-no-resource-constraints │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ ├── container-deny-privileged-if-tenant │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ ├── container-deny-privileged │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ ├── lib │ │ │ │ │ ├── core.rego │ │ │ │ │ ├── pods.rego │ │ │ │ │ ├── psp.rego │ │ │ │ │ ├── psp_test.rego │ │ │ │ │ ├── rbac.rego │ │ │ │ │ └── security.rego │ │ │ │ ├── pod-deny-host-alias │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ ├── pod-deny-host-ipc │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ ├── pod-deny-host-network │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ ├── pod-deny-host-pid │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ ├── pod-deny-without-runasnonroot │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ ├── suspicious_assignment_of_controller_service_accounts │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ │ └── suspicious_self_subject_review │ │ │ │ │ ├── constraint.yaml │ │ │ │ │ └── template.yaml │ │ │ ├── kustomization.yml │ │ │ ├── placement.yaml │ │ │ └── policyGenerator.yaml │ │ ├── kyverno │ │ │ ├── README.md │ │ │ ├── best-practises-for-apps │ │ │ │ ├── README.md │ │ │ │ ├── input │ │ │ │ │ ├── affinity │ │ │ │ │ │ ├── add_node_affinity.yaml │ │ │ │ │ │ ├── create_pod_antiaffinity.yaml │ │ │ │ │ │ └── spread_pods_across_topology.yaml │ │ │ │ │ ├── base_images │ │ │ │ │ │ ├── allowed-base-images.yaml │ │ │ │ │ │ └── annotate-base-images.yaml │ │ │ │ │ ├── deployments │ │ │ │ │ │ ├── add_volume_deployment.yaml │ │ │ │ │ │ ├── mutate-large-termination-gps.yaml │ │ │ │ │ │ ├── restart_deployment_on_secret_change.yaml │ │ │ │ │ │ └── scale_deployment_zero.yaml │ │ │ │ │ ├── limitsrequests │ │ │ │ │ │ └── require_requests_limits.yaml │ │ │ │ │ ├── poddisruptionbudget │ │ │ │ │ │ └── create_default_pdb.yaml │ │ │ │ │ ├── require_deployments_have_multiple_replicas │ │ │ │ │ │ ├── deployment-musthaverolling-strategy.yaml │ │ │ │ │ │ └── require_deployments_have_multiple_replicas.yaml │ │ │ │ │ ├── require_probes │ │ │ │ │ │ ├── ensure_probes_different.yaml │ │ │ │ │ │ └── require_probes.yaml │ │ │ │ │ ├── resource-exhaustion │ │ │ │ │ │ └── disallow-self-provisioner │ │ │ │ │ │ │ └── disallow-self-provisioner.yaml │ │ │ │ │ ├── restrict_controlplane_scheduling │ │ │ │ │ │ └── restrict_controlplane_scheduling.yaml │ │ │ │ │ ├── routes │ │ │ │ │ │ └── check-routes.yaml │ │ │ │ │ └── validate_git │ │ │ │ │ │ └── validategit.yaml │ │ │ │ ├── kustomization.yml │ │ │ │ ├── placement.yaml │ │ │ │ └── policyGenerator.yaml │ │ │ ├── images │ │ │ │ ├── applications.png │ │ │ │ ├── policies-installed.png │ │ │ │ ├── policies.png │ │ │ │ ├── policysets.png │ │ │ │ ├── subscription.png │ │ │ │ └── topology.png │ │ │ ├── multitenancy │ │ │ │ ├── README.md │ │ │ │ ├── input │ │ │ │ │ ├── addlabelstotenant │ │ │ │ │ │ ├── add-labels-to-bluetenant.yaml │ │ │ │ │ │ └── add-labels-to-redtenant.yaml │ │ │ │ │ ├── disallowplacementrules │ │ │ │ │ │ └── disallow-placementRules.yaml │ │ │ │ │ ├── generateManagedClusterSetBinding │ │ │ │ │ │ ├── generateManagedClusterSetBindingblueteam-hub.yaml │ │ │ │ │ │ └── generateManagedClusterSetBindingredteam-hub.yaml │ │ │ │ │ ├── generatePlacementRules │ │ │ │ │ │ ├── generatePlacementblueteam-hub.yaml │ │ │ │ │ │ └── generatePlacementredteam-hub.yaml │ │ │ │ │ ├── generateall │ │ │ │ │ │ ├── generate-all-blueteam-spoke.yml │ │ │ │ │ │ └── generate-all-redteam-spoke.yml │ │ │ │ │ ├── generateargocdpersmissions │ │ │ │ │ │ ├── generate-argocd-permissions-blueteam-spoke.yaml │ │ │ │ │ │ └── generate-argocd-permissions-redteam-spoke.yaml │ │ │ │ │ ├── other │ │ │ │ │ │ └── add-ttl-to-dangling-job.yaml │ │ │ │ │ ├── preventupdatesappproject │ │ │ │ │ │ └── application-prevent-updates-project-all.yaml │ │ │ │ │ ├── restrictions │ │ │ │ │ │ ├── restrict-blueteam-destination-spoke.yaml │ │ │ │ │ │ ├── restrict-blueteam-to-its-appproject-all.yaml │ │ │ │ │ │ ├── restrict-blueteam-to-its-placement-hub.yaml │ │ │ │ │ │ ├── restrict-redteam-destination-spoke.yaml │ │ │ │ │ │ ├── restrict-redteam-to-its-appproject-hub.yaml │ │ │ │ │ │ └── restrict-redteam-to-its-placement-hub.yaml │ │ │ │ │ ├── sharedresources │ │ │ │ │ │ └── add-managedclustersetbinding-shared-sre-group.yaml │ │ │ │ │ ├── validatens │ │ │ │ │ │ ├── validate-ns-bluesre-spoke.yaml │ │ │ │ │ │ └── validate-ns-redsre-spoke.yaml │ │ │ │ │ └── validateplacement │ │ │ │ │ │ ├── preventupdates-appproject-all.yaml │ │ │ │ │ │ ├── validateplacementblueteam-hub.yml │ │ │ │ │ │ └── validateplacementredteam-hub.yml │ │ │ │ ├── kustomization.yaml │ │ │ │ ├── placement.yaml │ │ │ │ └── policyGenerator.yaml │ │ │ └── security │ │ │ │ ├── README.md │ │ │ │ ├── input │ │ │ │ ├── authorization │ │ │ │ │ ├── disallow-scc-runasany.yaml │ │ │ │ │ ├── host-namespaces │ │ │ │ │ │ ├── disallow-host-ipc.yaml │ │ │ │ │ │ ├── disallow-host-network.yaml │ │ │ │ │ │ ├── disallow-host-pid.yaml │ │ │ │ │ │ └── disallow-host-ports.yaml │ │ │ │ │ └── protect-default-scc │ │ │ │ │ │ └── protect-default-scc.yaml │ │ │ │ ├── disallow-host-namespaces │ │ │ │ │ └── disallow-host-namespaces.yaml │ │ │ │ ├── disallow_latest_tag │ │ │ │ │ └── disallow_latest_tag.yaml │ │ │ │ ├── httpsonly │ │ │ │ │ └── httpsonly.yaml │ │ │ │ ├── networking │ │ │ │ │ └── block-nodeport-services │ │ │ │ │ │ └── block-nodeport-services.yaml │ │ │ │ ├── require-run-as-non-root-user │ │ │ │ │ ├── require-run-as-non-root-user.yaml │ │ │ │ │ └── restrictions │ │ │ │ │ │ ├── restrict-blueteam-destination-spoke.yaml │ │ │ │ │ │ ├── restrict-blueteam-to-its-appproject-all.yaml │ │ │ │ │ │ ├── restrict-blueteam-to-its-placement-hub.yaml │ │ │ │ │ │ ├── restrict-redteam-destination-spoke.yaml │ │ │ │ │ │ ├── restrict-redteam-to-its-appproject-hub.yaml │ │ │ │ │ │ └── restrict-redteam-to-its-placement-hub.yaml │ │ │ │ ├── restrict-binding-clusteradmin │ │ │ │ │ ├── block-stale-images │ │ │ │ │ │ └── block-stale-images.yaml │ │ │ │ │ └── restrict-binding-clusteradmin.yaml │ │ │ │ ├── restrict-clusterrole-nodesproxy │ │ │ │ │ └── restrict-clusterrole-nodesproxy.yaml │ │ │ │ ├── restrict-escalation-verbs-roles │ │ │ │ │ └── restrict-escalation-verbs-roles.yaml │ │ │ │ ├── restrict-ingress-wildcard │ │ │ │ │ └── restrict-ingress-wildcard.yaml │ │ │ │ ├── restrict-secret-role-verbs │ │ │ │ │ └── restrict-secret-role-verbs.yaml │ │ │ │ ├── restrict-service-account │ │ │ │ │ └── restrict_service_account.yaml │ │ │ │ ├── restrict-wildcard-resources │ │ │ │ │ └── restrict-wildcard-resources.yaml │ │ │ │ ├── restrict-wildcard-verbs │ │ │ │ │ └── restrict-wildcard-verbs.yaml │ │ │ │ ├── restrict_annotations │ │ │ │ │ └── restrict_annotations.yaml │ │ │ │ ├── restrict_automount_sa_token │ │ │ │ │ └── restrict_automount_sa_token.yaml │ │ │ │ ├── restrict_ingress_classes │ │ │ │ │ └── restrict_ingress_classes.yaml │ │ │ │ ├── restrict_ingress_defaultbackend │ │ │ │ │ └── restrict_ingress_defaultbackend.yaml │ │ │ │ ├── restrict_ingress_host │ │ │ │ │ └── restrict_ingress_host.yaml │ │ │ │ ├── restrict_loadbalancer │ │ │ │ │ └── restrict_loadbalancer.yaml │ │ │ │ ├── restrict_node_selection │ │ │ │ │ └── restrict_node_selection.yaml │ │ │ │ ├── restrict_secrets_by_label │ │ │ │ │ └── restrict-secrets-by-label.yaml │ │ │ │ ├── restrict_secrets_by_name │ │ │ │ │ └── restrict-secrets-by-name.yaml │ │ │ │ ├── restrict_service_port_range │ │ │ │ │ └── restrict-service-port-range.yaml │ │ │ │ ├── restrict_usergroup_fsgroup_id │ │ │ │ │ └── restrict_usergroup_fsgroup_id.yaml │ │ │ │ └── security-context-contraint │ │ │ │ │ └── disallow-security-context-constraint-anyuid.yaml │ │ │ │ ├── kustomization.yml │ │ │ │ ├── placement.yaml │ │ │ │ └── policyGenerator.yaml │ │ ├── ocp-best-practices │ │ │ ├── input-admin │ │ │ │ └── policy-remove-kubeadmin.yaml │ │ │ ├── input-audit │ │ │ │ └── policy-config-audit.yaml │ │ │ ├── input-certs │ │ │ │ └── policy-ocp4-certs.yaml │ │ │ ├── input-compliance │ │ │ │ ├── policy-compliance-operator-install.yaml │ │ │ │ ├── policy-compliance-operator-moderate-scan.yaml │ │ │ │ └── policy-compliance-operator-scan-results.yaml │ │ │ ├── input-etcd │ │ │ │ ├── policy-etcd-backup.yaml │ │ │ │ └── policy-etcdencryption.yaml │ │ │ ├── input-files │ │ │ │ ├── policy-file-integrity-node-status.yaml │ │ │ │ └── policy-file-integrity-operator.yaml │ │ │ ├── input-fips │ │ │ │ └── policy-check-fips.yaml │ │ │ ├── input-operators │ │ │ │ └── policy-checkclusteroperator.yaml │ │ │ ├── input-scc │ │ │ │ └── policy-scc-restricted.yaml │ │ │ ├── input │ │ │ │ └── placement.yaml │ │ │ ├── kustomization.yml │ │ │ └── policyGenerator.yaml │ │ ├── openshift-gitops │ │ │ ├── README.md │ │ │ ├── kustomization.yml │ │ │ ├── placement.yaml │ │ │ ├── policy-openshift-gitops-grc.yaml │ │ │ ├── policy-openshift-gitops.yaml │ │ │ └── policyGenerator.yaml │ │ ├── openshift-plus-setup │ │ │ ├── README.md │ │ │ ├── kustomization.yml │ │ │ ├── machine-sets.yaml │ │ │ ├── managedclustersetbinding.yaml │ │ │ ├── namespace.yaml │ │ │ ├── opp-settings.yaml │ │ │ ├── placement.yaml │ │ │ ├── policyGenerator.yaml │ │ │ └── test │ │ │ │ ├── README.md │ │ │ │ ├── aws │ │ │ │ ├── cluster-claim.yaml │ │ │ │ ├── example-drtt7-workerocs-us-east-2a.yaml │ │ │ │ ├── example-drtt7-workerocs-us-east-2b.yaml │ │ │ │ ├── example-drtt7-workerocs-us-east-2c.yaml │ │ │ │ ├── infrastructure.yaml │ │ │ │ └── opp-settings.yaml │ │ │ │ ├── mappings.yaml │ │ │ │ └── vsphere │ │ │ │ ├── ci-op-ldb7hpt4-d53f7-srxtz-storage.yaml │ │ │ │ ├── cluster-claim.yaml │ │ │ │ ├── infrastructure.yaml │ │ │ │ └── opp-settings.yaml │ │ ├── policygenerator-download │ │ │ ├── consoleclidownload.yml │ │ │ ├── deployment.yml │ │ │ ├── generator.yml │ │ │ ├── kustomization.yaml │ │ │ ├── namespace.yml │ │ │ ├── route.yml │ │ │ └── service.yml │ │ └── zts-xcrypt │ │ │ ├── README.md │ │ │ ├── input │ │ │ ├── operator-dh-v1-local.yaml │ │ │ ├── operator-executor.yaml │ │ │ ├── placementrule.yaml │ │ │ ├── xcrypt.zettaset.com_xcrypts.yaml │ │ │ └── zts-rbac.yaml │ │ │ ├── policy-zts-xcrypt-version-1.yaml │ │ │ └── policyGenerator.yaml │ └── stable │ │ ├── README.md │ │ ├── acm-hardening │ │ ├── README.md │ │ ├── input-backup │ │ │ └── policy-backup.yaml │ │ ├── input-managedcluster │ │ │ └── policy-managedclusteraddon-available.yaml │ │ ├── input-policyreport │ │ │ └── policy-check-policyreports.yaml │ │ ├── input-subscriptions │ │ │ └── policy-subscriptions.yaml │ │ ├── input │ │ │ └── placement.yaml │ │ ├── kustomization.yml │ │ └── policyGenerator.yaml │ │ └── openshift-plus │ │ ├── README.md │ │ ├── input-acm-observability │ │ ├── operator.yaml │ │ └── storage.yaml │ │ ├── input-acs-central │ │ ├── policy-acs-central-status.yaml │ │ └── policy-acs-operator-central.yaml │ │ ├── input-compliance │ │ └── policy-compliance-operator-install.yaml │ │ ├── input-odf │ │ ├── policy-object-storage.yaml │ │ ├── policy-odf-cluster.yaml │ │ ├── policy-odf-status.yaml │ │ └── policy-odf.yaml │ │ ├── input-quay │ │ ├── policy-config-quay.yaml │ │ ├── policy-hub-quay-bridge.yaml │ │ ├── policy-install-quay.yaml │ │ ├── policy-quay-bridge.yaml │ │ └── policy-quay-status.yaml │ │ ├── input-sensor │ │ ├── acs-check-certificates.yaml │ │ ├── policy-acs-central-ca-bundle-expired.yaml │ │ ├── policy-acs-central-ca-bundle-v1.yaml │ │ ├── policy-acs-central-ca-bundle-v2.yaml │ │ ├── policy-acs-central-ca-bundle.yaml │ │ ├── policy-acs-sync-resources.yaml │ │ ├── policy-advanced-managed-cluster-security.yaml │ │ └── policy-advanced-managed-cluster-status.yaml │ │ ├── input │ │ ├── clusters-placement.yaml │ │ └── hub-placement.yaml │ │ ├── kustomization.yml │ │ └── policyGenerator.yaml └── subscription.yaml └── stable ├── AC-Access-Control ├── README.md ├── policy-role.yaml └── policy-rolebinding.yaml ├── CA-Security-Assessment-and-Authorization ├── README.md └── policy-compliance-operator-install.yaml ├── CM-Configuration-Management ├── README.md ├── argocd-policy-healthchecks.yaml ├── policy-compliance-operator-cis-scan.yaml ├── policy-compliance-operator-e8-scan.yaml ├── policy-gatekeeper-operator-downstream.yaml ├── policy-namespace.yaml ├── policy-pod.yaml └── policy-zts-cmc.yaml ├── README.md ├── SC-System-and-Communications-Protection ├── README.md ├── policy-certificate.yaml ├── policy-etcdencryption.yaml ├── policy-limitmemory.yaml ├── policy-psp.yaml └── policy-scc.yaml └── SI-System-and-Information-Integrity ├── README.md └── policy-imagemanifestvuln.yaml /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/workflows/validate.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/.github/workflows/validate.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | deploy/manifests.yaml 2 | .idea 3 | bin 4 | schemas 5 | -------------------------------------------------------------------------------- /CLAUDE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/CLAUDE.md -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/LICENSE -------------------------------------------------------------------------------- /OWNERS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/OWNERS -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/SECURITY.md -------------------------------------------------------------------------------- /blogs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/blogs/README.md -------------------------------------------------------------------------------- /community/AC-Access-Control/policy-configure-appworkloads-rbac-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/AC-Access-Control/policy-configure-appworkloads-rbac-sample.yaml -------------------------------------------------------------------------------- /community/AC-Access-Control/policy-configure-clusterlevel-rbac.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/AC-Access-Control/policy-configure-clusterlevel-rbac.yaml -------------------------------------------------------------------------------- /community/AC-Access-Control/policy-gatekeeper-disallow-anonymous.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/AC-Access-Control/policy-gatekeeper-disallow-anonymous.yaml -------------------------------------------------------------------------------- /community/AC-Access-Control/policy-gatekeeper-limitclusteradmin.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/AC-Access-Control/policy-gatekeeper-limitclusteradmin.yaml -------------------------------------------------------------------------------- /community/AC-Access-Control/policy-rbac-adminiterpolicies-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/AC-Access-Control/policy-rbac-adminiterpolicies-sample.yaml -------------------------------------------------------------------------------- /community/AC-Access-Control/policy-roles-no-wildcards.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/AC-Access-Control/policy-roles-no-wildcards.yaml -------------------------------------------------------------------------------- /community/AC-Access-Control/policy-standalone-hubtemplate-config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/AC-Access-Control/policy-standalone-hubtemplate-config.yaml -------------------------------------------------------------------------------- /community/AU-Audit-and-Accountability/policy-openshift-audit-logs-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/AU-Audit-and-Accountability/policy-openshift-audit-logs-sample.yaml -------------------------------------------------------------------------------- /community/CA-Security-Assessment-and-Authorization/policy-check-fips.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CA-Security-Assessment-and-Authorization/policy-check-fips.yaml -------------------------------------------------------------------------------- /community/CA-Security-Assessment-and-Authorization/policy-compliance-operator-install-upstream.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CA-Security-Assessment-and-Authorization/policy-compliance-operator-install-upstream.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-app-pv-backup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-app-pv-backup/README.md -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-app-pv-backup/input/pv-snap/hdr-app-configmap.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-app-pv-backup/input/pv-snap/hdr-app-configmap.txt -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-app-pv-backup/input/restic/hdr-app-configmap.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-app-pv-backup/input/restic/hdr-app-configmap.txt -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-app-pv-backup/resources/policies/oadp-hdr-app-backup.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-app-pv-backup/resources/policies/oadp-hdr-app-backup.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-app-pv-backup/resources/policies/oadp-hdr-app-install.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-app-pv-backup/resources/policies/oadp-hdr-app-install.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-app-pv-backup/resources/policies/oadp-hdr-app-restore.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-app-pv-backup/resources/policies/oadp-hdr-app-restore.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-app-pv-backup/resources/policy-sets/acm-app-backup-policy-set.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-app-pv-backup/resources/policy-sets/acm-app-backup-policy-set.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-app-pv-backup/resources/policy-sets/acm-app-restore-policy-set.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-app-pv-backup/resources/policy-sets/acm-app-restore-policy-set.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/README.md -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/acm-hub-pvc-backup-config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/acm-hub-pvc-backup-config.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/acm-hub-pvc-backup-destination.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/acm-hub-pvc-backup-destination.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/acm-hub-pvc-backup-policyset.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/acm-hub-pvc-backup-policyset.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/acm-hub-pvc-backup-source.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/acm-hub-pvc-backup-source.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/acm-hub-pvc-placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/acm-hub-pvc-placement.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/backup_dest_policy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/backup_dest_policy.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/backup_dest_policy_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/backup_dest_policy_1.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/backup_source_policy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/backup_source_policy.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/backup_source_policy_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/backup_source_policy_1.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/config_policy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/config_policy.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/policies.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/policies.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/policyset.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/policyset.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/restore_dest_policy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/restore_dest_policy.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/restore_dest_policy_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/restore_dest_policy_1.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/restore_dest_pvc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/restore_dest_pvc.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/restore_dest_rd.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/restore_dest_rd.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/acm-hub-pvc-backup/images/restore_source_policy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/acm-hub-pvc-backup/images/restore_source_policy.png -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-acs-operator-central.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-acs-operator-central.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-acs-operator-secured-clusters.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-acs-operator-secured-clusters.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-ansible-awx-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-ansible-awx-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-argocd-kubernetes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-argocd-kubernetes.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-automation-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-automation-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-autoscaler-templatized.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-autoscaler-templatized.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-autoscaler.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-autoscaler.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-aws-machine-sets.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-aws-machine-sets.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-cert-manager-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-cert-manager-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-check-policyreports.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-check-policyreports.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-check-reports.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-check-reports.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-cluster-dns-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-cluster-dns-sample.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-cluster-logforwarder-templatized.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-cluster-logforwarder-templatized.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-cluster-network-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-cluster-network-sample.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-cluster-proxy-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-cluster-proxy-sample.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-compliance-operator-high-scan.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-compliance-operator-high-scan.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-compliance-operator-hypershift-hosted-cluster.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-compliance-operator-hypershift-hosted-cluster.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-compliance-operator-moderate-scan.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-compliance-operator-moderate-scan.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-compliance-operator-nerc-cip-scan.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-compliance-operator-nerc-cip-scan.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-compliance-operator-pci-dss-scan.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-compliance-operator-pci-dss-scan.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-configure-logforwarding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-configure-logforwarding.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-configure-subscription-admin-hub.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-configure-subscription-admin-hub.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-continuous-restore-backup-triliovault-for-kubernetes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-continuous-restore-backup-triliovault-for-kubernetes.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-continuous-restore-event-target-triliovault-for-kubernetes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-continuous-restore-event-target-triliovault-for-kubernetes.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-continuous-restore-triliovault-for-kubernetes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-continuous-restore-triliovault-for-kubernetes.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-create-helm-backup-triliovault-for-kubernetes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-create-helm-backup-triliovault-for-kubernetes.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-create-label-backup-triliovault-for-kubernetes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-create-label-backup-triliovault-for-kubernetes.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-create-license-triliovault-for-kubernetes-upstream.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-create-license-triliovault-for-kubernetes-upstream.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-create-ns-backup-triliovault-for-kubernetes-templatized.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-create-ns-backup-triliovault-for-kubernetes-templatized.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-create-ns-backup-triliovault-for-kubernetes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-create-ns-backup-triliovault-for-kubernetes.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-create-operator-backup-triliovault-for-kubernetes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-create-operator-backup-triliovault-for-kubernetes.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-custom-catalog.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-custom-catalog.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-egress-firewall-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-egress-firewall-sample.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-enable-if-etcd-encrypted-templatized.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-enable-if-etcd-encrypted-templatized.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-enable-if-ns-exists-templatized.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-enable-if-ns-exists-templatized.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-engineering-configmap.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-engineering-configmap.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-engineering-pod-disruption-budget.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-engineering-pod-disruption-budget.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-etcd-backup.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-etcd-backup.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-file-integrity-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-file-integrity-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-gatekeeper-allowed-external-ips.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-gatekeeper-allowed-external-ips.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-gatekeeper-annotation-owner.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-gatekeeper-annotation-owner.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-gatekeeper-container-image-latest.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-gatekeeper-container-image-latest.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-gatekeeper-container-livenessprobenotset.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-gatekeeper-container-livenessprobenotset.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-gatekeeper-container-readinessprobenotset.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-gatekeeper-container-readinessprobenotset.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-gatekeeper-container-tgps.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-gatekeeper-container-tgps.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-gatekeeper-image-pull-policy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-gatekeeper-image-pull-policy.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-gatekeeper-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-gatekeeper-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-gatekeeper-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-gatekeeper-sample.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-github-oauth-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-github-oauth-sample.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-idp-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-idp-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-idp-sample-github.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-idp-sample-github.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-image-policy-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-image-policy-sample.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-ingress-controller.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-ingress-controller.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-install-external-secrets.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-install-external-secrets.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-install-kyverno.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-install-kyverno.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-install-triliovault-for-kubernetes-using-helm.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-install-triliovault-for-kubernetes-using-helm.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-install-triliovault-for-kubernetes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-install-triliovault-for-kubernetes.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-integrity-shield-events.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-integrity-shield-events.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-integrity-shield-observer.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-integrity-shield-observer.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-integrity-shield.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-integrity-shield.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-kernel-devel.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-kernel-devel.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-kyverno-add-network-policy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-kyverno-add-network-policy.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-kyverno-add-quota.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-kyverno-add-quota.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-kyverno-config-exclude-resources.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-kyverno-config-exclude-resources.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-kyverno-container-tgps.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-kyverno-container-tgps.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-kyverno-image-pull-policy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-kyverno-image-pull-policy.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-kyverno-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-kyverno-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-kyverno-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-kyverno-sample.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-kyverno-sync-secrets.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-kyverno-sync-secrets.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-label-cluster.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-label-cluster.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-label-worker-nodes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-label-worker-nodes.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-local-storage-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-local-storage-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-lvm-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-lvm-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-machineconfig-chrony.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-machineconfig-chrony.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-managedclusterinfo-templatized.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-managedclusterinfo-templatized.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-managedclustersetbinding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-managedclustersetbinding.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-mce-hcp-autoimport.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-mce-hcp-autoimport.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-network-policy-samples.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-network-policy-samples.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-nginx-deployment-templatized.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-nginx-deployment-templatized.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-nginx-deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-nginx-deployment.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-oadp.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-oadp.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-oauth-config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-oauth-config.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-oauth-htpasswd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-oauth-htpasswd.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-oauth-ldapsync.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-oauth-ldapsync.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-oc-client-cronjob.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-oc-client-cronjob.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-odf.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-odf.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-opa-sample.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-opa-sample.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-openshift-gitops-policygenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-openshift-gitops-policygenerator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-openshift-gitops.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-openshift-gitops.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-openshift-serverless.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-openshift-serverless.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-openshift-servicemesh.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-openshift-servicemesh.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-pao-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-pao-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-persistent-data-management.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-persistent-data-management.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-pod-disruption-budget-templatized.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-pod-disruption-budget-templatized.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-pod-placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-pod-placement.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-proxy-protocol.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-proxy-protocol.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-ptp-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-ptp-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-resiliency-image-pruner.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-resiliency-image-pruner.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-rhoda-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-rhoda-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-rosa-autoimport.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-rosa-autoimport.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-scheduler.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-scheduler.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-sriov-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-sriov-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-sriovnetwork-templatized.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-sriovnetwork-templatized.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-trusted-container.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-trusted-container.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-trusted-node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-trusted-node.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-update-service-openshift-cluster.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-update-service-openshift-cluster.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-upgrade-openshift-cluster.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-upgrade-openshift-cluster.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-vsphere-machine-set.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-vsphere-machine-set.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-web-terminal-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-web-terminal-operator.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-ztp-node-add-static.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-ztp-node-add-static.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-ztp-node-add.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-ztp-node-add.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-zts-cmc-deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-zts-cmc-deployment.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-zts-xcrypt-deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-zts-xcrypt-deployment.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/policy-zts-xcrypt-rbac.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/policy-zts-xcrypt-rbac.yaml -------------------------------------------------------------------------------- /community/CM-Configuration-Management/terminating-configpolicies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/CM-Configuration-Management/terminating-configpolicies.yaml -------------------------------------------------------------------------------- /community/Operator-Management/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/Operator-Management/README.md -------------------------------------------------------------------------------- /community/Operator-Management/policy-cnv-mtv-operators/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/Operator-Management/policy-cnv-mtv-operators/README.md -------------------------------------------------------------------------------- /community/Operator-Management/policy-cnv-mtv-operators/placement-cnv.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/Operator-Management/policy-cnv-mtv-operators/placement-cnv.yaml -------------------------------------------------------------------------------- /community/Operator-Management/policy-cnv-mtv-operators/policy-cnv.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/Operator-Management/policy-cnv-mtv-operators/policy-cnv.yaml -------------------------------------------------------------------------------- /community/Operator-Management/policy-cnv-mtv-operators/policy-mtv.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/Operator-Management/policy-cnv-mtv-operators/policy-mtv.yaml -------------------------------------------------------------------------------- /community/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/README.md -------------------------------------------------------------------------------- /community/SC-System-and-Communications-Protection/policy-checkclusteroperator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/SC-System-and-Communications-Protection/policy-checkclusteroperator.yaml -------------------------------------------------------------------------------- /community/SC-System-and-Communications-Protection/policy-checknamespaces-terminating.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/SC-System-and-Communications-Protection/policy-checknamespaces-terminating.yaml -------------------------------------------------------------------------------- /community/SC-System-and-Communications-Protection/policy-disable-self-provisioner.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/SC-System-and-Communications-Protection/policy-disable-self-provisioner.yaml -------------------------------------------------------------------------------- /community/SC-System-and-Communications-Protection/policy-ocp4-certs.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/SC-System-and-Communications-Protection/policy-ocp4-certs.yaml -------------------------------------------------------------------------------- /community/SC-System-and-Communications-Protection/policy-remove-kubeadmin.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/SC-System-and-Communications-Protection/policy-remove-kubeadmin.yaml -------------------------------------------------------------------------------- /community/SI-System-and-Information-Integrity/policy-blackduck.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/SI-System-and-Information-Integrity/policy-blackduck.yaml -------------------------------------------------------------------------------- /community/SI-System-and-Information-Integrity/policy-crowdstrike-falcon-rhmp.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/SI-System-and-Information-Integrity/policy-crowdstrike-falcon-rhmp.yaml -------------------------------------------------------------------------------- /community/SI-System-and-Information-Integrity/policy-falco-auditing.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/SI-System-and-Information-Integrity/policy-falco-auditing.yaml -------------------------------------------------------------------------------- /community/SI-System-and-Information-Integrity/policy-falco-helm.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/SI-System-and-Information-Integrity/policy-falco-helm.yaml -------------------------------------------------------------------------------- /community/SI-System-and-Information-Integrity/policy-falco.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/SI-System-and-Information-Integrity/policy-falco.yaml -------------------------------------------------------------------------------- /community/SI-System-and-Information-Integrity/policy-sysdig.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/community/SI-System-and-Information-Integrity/policy-sysdig.yaml -------------------------------------------------------------------------------- /deploy/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/README.md -------------------------------------------------------------------------------- /deploy/application.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/application.yaml -------------------------------------------------------------------------------- /deploy/application_template.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/application_template.json -------------------------------------------------------------------------------- /deploy/argoDeploy.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/argoDeploy.sh -------------------------------------------------------------------------------- /deploy/channel.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/channel.yaml -------------------------------------------------------------------------------- /deploy/channel_template.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/channel_template.json -------------------------------------------------------------------------------- /deploy/deploy.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/deploy.sh -------------------------------------------------------------------------------- /deploy/kustomization_template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/kustomization_template.yaml -------------------------------------------------------------------------------- /deploy/placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/placement.yaml -------------------------------------------------------------------------------- /deploy/placement_template.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/placement_template.json -------------------------------------------------------------------------------- /deploy/remove.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/remove.sh -------------------------------------------------------------------------------- /deploy/subscription.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/subscription.yaml -------------------------------------------------------------------------------- /deploy/subscription_placement_template.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/subscription_placement_template.json -------------------------------------------------------------------------------- /deploy/subscription_template.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/deploy/subscription_template.json -------------------------------------------------------------------------------- /policygenerator/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/README.md -------------------------------------------------------------------------------- /policygenerator/kustomize/kustomization.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/kustomize/kustomization.yml -------------------------------------------------------------------------------- /policygenerator/kustomize/policy1_deployment/deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/kustomize/policy1_deployment/deployment.yaml -------------------------------------------------------------------------------- /policygenerator/kustomize/policy1_deployment/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: gitops-demo 5 | -------------------------------------------------------------------------------- /policygenerator/kustomize/policy1_deployment/route.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/kustomize/policy1_deployment/route.yaml -------------------------------------------------------------------------------- /policygenerator/kustomize/policy1_deployment/service.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/kustomize/policy1_deployment/service.yaml -------------------------------------------------------------------------------- /policygenerator/kustomize/policy2_gatekeeper/gatekeeper.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/kustomize/policy2_gatekeeper/gatekeeper.yaml -------------------------------------------------------------------------------- /policygenerator/kustomize/policy3_kyverno/kyverno.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/kustomize/policy3_kyverno/kyverno.yaml -------------------------------------------------------------------------------- /policygenerator/kustomize/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/kustomize/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/acs-secure/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/acs-secure/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/acs-secure/input-sensor/acs-check-certificates.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/acs-secure/input-sensor/acs-check-certificates.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/acs-secure/input-sensor/policy-acs-sync-resources.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/acs-secure/input-sensor/policy-acs-sync-resources.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/acs-secure/input-sensor/policy-advanced-managed-cluster-security.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/acs-secure/input-sensor/policy-advanced-managed-cluster-security.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/acs-secure/input-sensor/policy-advanced-managed-cluster-status.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/acs-secure/input-sensor/policy-advanced-managed-cluster-status.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/acs-secure/kustomization.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/acs-secure/kustomization.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/acs-secure/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/acs-secure/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/images/policies-installed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/images/policies-installed.png -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/images/policies.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/images/policies.png -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/images/policysets.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/images/policysets.png -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/images/subscription.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/images/subscription.png -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/images/topology.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/images/topology.png -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/any-warn-deprecated-api-versions/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/any-warn-deprecated-api-versions/src.rego -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/any-warn-deprecated-api-versions/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/any-warn-deprecated-api-versions/src_test.rego -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-added-caps/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-added-caps/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-added-caps/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-added-caps/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-escalation/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-escalation/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-escalation/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-escalation/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-latest-tag/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-latest-tag/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-latest-tag/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-latest-tag/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-no-resource-constraints/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-no-resource-constraints/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-no-resource-constraints/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-no-resource-constraints/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-privileged-if-tenant/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-privileged-if-tenant/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-privileged-if-tenant/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-privileged-if-tenant/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-privileged/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-privileged/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/container-deny-privileged/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/container-deny-privileged/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/lib/core.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/lib/core.rego -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/lib/pods.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/lib/pods.rego -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/lib/psp.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/lib/psp.rego -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/lib/psp_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/lib/psp_test.rego -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/lib/rbac.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/lib/rbac.rego -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/lib/security.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/lib/security.rego -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-alias/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-alias/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-alias/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-alias/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-ipc/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-ipc/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-ipc/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-ipc/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-network/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-network/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-network/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-network/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-pid/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-pid/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-pid/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/pod-deny-host-pid/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/pod-deny-without-runasnonroot/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/pod-deny-without-runasnonroot/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/pod-deny-without-runasnonroot/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/pod-deny-without-runasnonroot/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/suspicious_assignment_of_controller_service_accounts/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/suspicious_assignment_of_controller_service_accounts/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/suspicious_assignment_of_controller_service_accounts/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/suspicious_assignment_of_controller_service_accounts/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/suspicious_self_subject_review/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/suspicious_self_subject_review/constraint.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/input/suspicious_self_subject_review/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/input/suspicious_self_subject_review/template.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/kustomization.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/kustomization.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/placement.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/gatekeeper/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/gatekeeper/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/affinity/add_node_affinity.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/affinity/add_node_affinity.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/affinity/create_pod_antiaffinity.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/affinity/create_pod_antiaffinity.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/affinity/spread_pods_across_topology.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/affinity/spread_pods_across_topology.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/base_images/allowed-base-images.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/base_images/allowed-base-images.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/base_images/annotate-base-images.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/base_images/annotate-base-images.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/deployments/add_volume_deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/deployments/add_volume_deployment.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/deployments/mutate-large-termination-gps.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/deployments/mutate-large-termination-gps.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/deployments/restart_deployment_on_secret_change.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/deployments/restart_deployment_on_secret_change.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/deployments/scale_deployment_zero.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/deployments/scale_deployment_zero.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/limitsrequests/require_requests_limits.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/limitsrequests/require_requests_limits.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/poddisruptionbudget/create_default_pdb.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/poddisruptionbudget/create_default_pdb.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/require_deployments_have_multiple_replicas/deployment-musthaverolling-strategy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/require_deployments_have_multiple_replicas/deployment-musthaverolling-strategy.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/require_deployments_have_multiple_replicas/require_deployments_have_multiple_replicas.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/require_deployments_have_multiple_replicas/require_deployments_have_multiple_replicas.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/require_probes/ensure_probes_different.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/require_probes/ensure_probes_different.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/require_probes/require_probes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/require_probes/require_probes.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/resource-exhaustion/disallow-self-provisioner/disallow-self-provisioner.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/resource-exhaustion/disallow-self-provisioner/disallow-self-provisioner.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/restrict_controlplane_scheduling/restrict_controlplane_scheduling.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/restrict_controlplane_scheduling/restrict_controlplane_scheduling.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/routes/check-routes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/routes/check-routes.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/validate_git/validategit.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/input/validate_git/validategit.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/kustomization.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/kustomization.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/placement.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/best-practises-for-apps/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/best-practises-for-apps/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/images/applications.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/images/applications.png -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/images/policies-installed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/images/policies-installed.png -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/images/policies.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/images/policies.png -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/images/policysets.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/images/policysets.png -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/images/subscription.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/images/subscription.png -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/images/topology.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/images/topology.png -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/addlabelstotenant/add-labels-to-bluetenant.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/addlabelstotenant/add-labels-to-bluetenant.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/addlabelstotenant/add-labels-to-redtenant.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/addlabelstotenant/add-labels-to-redtenant.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/disallowplacementrules/disallow-placementRules.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/disallowplacementrules/disallow-placementRules.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/generateManagedClusterSetBinding/generateManagedClusterSetBindingblueteam-hub.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/generateManagedClusterSetBinding/generateManagedClusterSetBindingblueteam-hub.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/generateManagedClusterSetBinding/generateManagedClusterSetBindingredteam-hub.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/generateManagedClusterSetBinding/generateManagedClusterSetBindingredteam-hub.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/generatePlacementRules/generatePlacementblueteam-hub.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/generatePlacementRules/generatePlacementblueteam-hub.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/generatePlacementRules/generatePlacementredteam-hub.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/generatePlacementRules/generatePlacementredteam-hub.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/generateall/generate-all-blueteam-spoke.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/generateall/generate-all-blueteam-spoke.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/generateall/generate-all-redteam-spoke.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/generateall/generate-all-redteam-spoke.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/generateargocdpersmissions/generate-argocd-permissions-blueteam-spoke.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/generateargocdpersmissions/generate-argocd-permissions-blueteam-spoke.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/generateargocdpersmissions/generate-argocd-permissions-redteam-spoke.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/generateargocdpersmissions/generate-argocd-permissions-redteam-spoke.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/other/add-ttl-to-dangling-job.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/other/add-ttl-to-dangling-job.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/preventupdatesappproject/application-prevent-updates-project-all.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/preventupdatesappproject/application-prevent-updates-project-all.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-blueteam-destination-spoke.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-blueteam-destination-spoke.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-blueteam-to-its-appproject-all.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-blueteam-to-its-appproject-all.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-blueteam-to-its-placement-hub.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-blueteam-to-its-placement-hub.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-redteam-destination-spoke.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-redteam-destination-spoke.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-redteam-to-its-appproject-hub.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-redteam-to-its-appproject-hub.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-redteam-to-its-placement-hub.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/restrictions/restrict-redteam-to-its-placement-hub.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/sharedresources/add-managedclustersetbinding-shared-sre-group.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/sharedresources/add-managedclustersetbinding-shared-sre-group.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/validatens/validate-ns-bluesre-spoke.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/validatens/validate-ns-bluesre-spoke.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/validatens/validate-ns-redsre-spoke.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/validatens/validate-ns-redsre-spoke.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/validateplacement/preventupdates-appproject-all.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/validateplacement/preventupdates-appproject-all.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/validateplacement/validateplacementblueteam-hub.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/validateplacement/validateplacementblueteam-hub.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/input/validateplacement/validateplacementredteam-hub.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/input/validateplacement/validateplacementredteam-hub.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/kustomization.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/kustomization.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/placement.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/multitenancy/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/multitenancy/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/authorization/disallow-scc-runasany.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/authorization/disallow-scc-runasany.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/authorization/host-namespaces/disallow-host-ipc.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/authorization/host-namespaces/disallow-host-ipc.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/authorization/host-namespaces/disallow-host-network.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/authorization/host-namespaces/disallow-host-network.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/authorization/host-namespaces/disallow-host-pid.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/authorization/host-namespaces/disallow-host-pid.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/authorization/host-namespaces/disallow-host-ports.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/authorization/host-namespaces/disallow-host-ports.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/authorization/protect-default-scc/protect-default-scc.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/authorization/protect-default-scc/protect-default-scc.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/disallow-host-namespaces/disallow-host-namespaces.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/disallow-host-namespaces/disallow-host-namespaces.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/disallow_latest_tag/disallow_latest_tag.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/disallow_latest_tag/disallow_latest_tag.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/httpsonly/httpsonly.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/httpsonly/httpsonly.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/networking/block-nodeport-services/block-nodeport-services.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/networking/block-nodeport-services/block-nodeport-services.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/require-run-as-non-root-user.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/require-run-as-non-root-user.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-blueteam-destination-spoke.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-blueteam-destination-spoke.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-blueteam-to-its-appproject-all.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-blueteam-to-its-appproject-all.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-blueteam-to-its-placement-hub.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-blueteam-to-its-placement-hub.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-redteam-destination-spoke.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-redteam-destination-spoke.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-redteam-to-its-appproject-hub.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-redteam-to-its-appproject-hub.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-redteam-to-its-placement-hub.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/require-run-as-non-root-user/restrictions/restrict-redteam-to-its-placement-hub.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict-binding-clusteradmin/block-stale-images/block-stale-images.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict-binding-clusteradmin/block-stale-images/block-stale-images.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict-binding-clusteradmin/restrict-binding-clusteradmin.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict-binding-clusteradmin/restrict-binding-clusteradmin.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict-clusterrole-nodesproxy/restrict-clusterrole-nodesproxy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict-clusterrole-nodesproxy/restrict-clusterrole-nodesproxy.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict-escalation-verbs-roles/restrict-escalation-verbs-roles.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict-escalation-verbs-roles/restrict-escalation-verbs-roles.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict-ingress-wildcard/restrict-ingress-wildcard.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict-ingress-wildcard/restrict-ingress-wildcard.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict-secret-role-verbs/restrict-secret-role-verbs.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict-secret-role-verbs/restrict-secret-role-verbs.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict-service-account/restrict_service_account.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict-service-account/restrict_service_account.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict-wildcard-resources/restrict-wildcard-resources.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict-wildcard-resources/restrict-wildcard-resources.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict-wildcard-verbs/restrict-wildcard-verbs.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict-wildcard-verbs/restrict-wildcard-verbs.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict_annotations/restrict_annotations.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict_annotations/restrict_annotations.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict_automount_sa_token/restrict_automount_sa_token.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict_automount_sa_token/restrict_automount_sa_token.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict_ingress_classes/restrict_ingress_classes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict_ingress_classes/restrict_ingress_classes.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict_ingress_defaultbackend/restrict_ingress_defaultbackend.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict_ingress_defaultbackend/restrict_ingress_defaultbackend.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict_ingress_host/restrict_ingress_host.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict_ingress_host/restrict_ingress_host.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict_loadbalancer/restrict_loadbalancer.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict_loadbalancer/restrict_loadbalancer.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict_node_selection/restrict_node_selection.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict_node_selection/restrict_node_selection.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict_secrets_by_label/restrict-secrets-by-label.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict_secrets_by_label/restrict-secrets-by-label.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict_secrets_by_name/restrict-secrets-by-name.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict_secrets_by_name/restrict-secrets-by-name.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict_service_port_range/restrict-service-port-range.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict_service_port_range/restrict-service-port-range.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/restrict_usergroup_fsgroup_id/restrict_usergroup_fsgroup_id.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/restrict_usergroup_fsgroup_id/restrict_usergroup_fsgroup_id.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/input/security-context-contraint/disallow-security-context-constraint-anyuid.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/input/security-context-contraint/disallow-security-context-constraint-anyuid.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/kustomization.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/kustomization.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/placement.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/kyverno/security/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/kyverno/security/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-admin/policy-remove-kubeadmin.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-admin/policy-remove-kubeadmin.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-audit/policy-config-audit.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-audit/policy-config-audit.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-certs/policy-ocp4-certs.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-certs/policy-ocp4-certs.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-compliance/policy-compliance-operator-install.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-compliance/policy-compliance-operator-install.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-compliance/policy-compliance-operator-moderate-scan.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-compliance/policy-compliance-operator-moderate-scan.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-compliance/policy-compliance-operator-scan-results.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-compliance/policy-compliance-operator-scan-results.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-etcd/policy-etcd-backup.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-etcd/policy-etcd-backup.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-etcd/policy-etcdencryption.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-etcd/policy-etcdencryption.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-files/policy-file-integrity-node-status.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-files/policy-file-integrity-node-status.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-files/policy-file-integrity-operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-files/policy-file-integrity-operator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-fips/policy-check-fips.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-fips/policy-check-fips.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-operators/policy-checkclusteroperator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-operators/policy-checkclusteroperator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input-scc/policy-scc-restricted.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input-scc/policy-scc-restricted.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/input/placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/input/placement.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/kustomization.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/kustomization.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/ocp-best-practices/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/ocp-best-practices/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-gitops/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-gitops/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-gitops/kustomization.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-gitops/kustomization.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-gitops/placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-gitops/placement.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-gitops/policy-openshift-gitops-grc.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-gitops/policy-openshift-gitops-grc.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-gitops/policy-openshift-gitops.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-gitops/policy-openshift-gitops.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-gitops/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-gitops/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/kustomization.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/kustomization.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/machine-sets.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/machine-sets.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/managedclustersetbinding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/managedclustersetbinding.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/namespace.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/namespace.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/opp-settings.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/opp-settings.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/placement.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/aws/cluster-claim.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/aws/cluster-claim.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/aws/example-drtt7-workerocs-us-east-2a.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/aws/example-drtt7-workerocs-us-east-2a.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/aws/example-drtt7-workerocs-us-east-2b.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/aws/example-drtt7-workerocs-us-east-2b.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/aws/example-drtt7-workerocs-us-east-2c.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/aws/example-drtt7-workerocs-us-east-2c.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/aws/infrastructure.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/aws/infrastructure.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/aws/opp-settings.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/aws/opp-settings.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/mappings.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/mappings.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/vsphere/ci-op-ldb7hpt4-d53f7-srxtz-storage.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/vsphere/ci-op-ldb7hpt4-d53f7-srxtz-storage.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/vsphere/cluster-claim.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/vsphere/cluster-claim.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/vsphere/infrastructure.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/vsphere/infrastructure.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/openshift-plus-setup/test/vsphere/opp-settings.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/openshift-plus-setup/test/vsphere/opp-settings.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/policygenerator-download/consoleclidownload.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/policygenerator-download/consoleclidownload.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/policygenerator-download/deployment.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/policygenerator-download/deployment.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/policygenerator-download/generator.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/policygenerator-download/generator.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/policygenerator-download/kustomization.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/policygenerator-download/kustomization.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/policygenerator-download/namespace.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/policygenerator-download/namespace.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/policygenerator-download/route.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/policygenerator-download/route.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/policygenerator-download/service.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/policygenerator-download/service.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/zts-xcrypt/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/zts-xcrypt/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/zts-xcrypt/input/operator-dh-v1-local.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/zts-xcrypt/input/operator-dh-v1-local.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/zts-xcrypt/input/operator-executor.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/zts-xcrypt/input/operator-executor.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/zts-xcrypt/input/placementrule.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/zts-xcrypt/input/placementrule.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/zts-xcrypt/input/xcrypt.zettaset.com_xcrypts.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/zts-xcrypt/input/xcrypt.zettaset.com_xcrypts.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/zts-xcrypt/input/zts-rbac.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/zts-xcrypt/input/zts-rbac.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/zts-xcrypt/policy-zts-xcrypt-version-1.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/zts-xcrypt/policy-zts-xcrypt-version-1.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/community/zts-xcrypt/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/community/zts-xcrypt/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/acm-hardening/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/acm-hardening/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/acm-hardening/input-backup/policy-backup.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/acm-hardening/input-backup/policy-backup.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/acm-hardening/input-managedcluster/policy-managedclusteraddon-available.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/acm-hardening/input-managedcluster/policy-managedclusteraddon-available.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/acm-hardening/input-policyreport/policy-check-policyreports.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/acm-hardening/input-policyreport/policy-check-policyreports.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/acm-hardening/input-subscriptions/policy-subscriptions.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/acm-hardening/input-subscriptions/policy-subscriptions.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/acm-hardening/input/placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/acm-hardening/input/placement.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/acm-hardening/kustomization.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/acm-hardening/kustomization.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/acm-hardening/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/acm-hardening/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/README.md -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-acm-observability/operator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-acm-observability/operator.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-acm-observability/storage.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-acm-observability/storage.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-acs-central/policy-acs-central-status.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-acs-central/policy-acs-central-status.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-acs-central/policy-acs-operator-central.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-acs-central/policy-acs-operator-central.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-compliance/policy-compliance-operator-install.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-compliance/policy-compliance-operator-install.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-odf/policy-object-storage.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-odf/policy-object-storage.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-odf/policy-odf-cluster.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-odf/policy-odf-cluster.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-odf/policy-odf-status.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-odf/policy-odf-status.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-odf/policy-odf.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-odf/policy-odf.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-config-quay.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-config-quay.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-hub-quay-bridge.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-hub-quay-bridge.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-install-quay.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-install-quay.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-quay-bridge.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-quay-bridge.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-quay-status.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-quay-status.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-sensor/acs-check-certificates.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-sensor/acs-check-certificates.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-acs-central-ca-bundle-expired.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-acs-central-ca-bundle-expired.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-acs-central-ca-bundle-v1.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-acs-central-ca-bundle-v1.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-acs-central-ca-bundle-v2.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-acs-central-ca-bundle-v2.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-acs-central-ca-bundle.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-acs-central-ca-bundle.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-acs-sync-resources.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-acs-sync-resources.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-advanced-managed-cluster-security.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-advanced-managed-cluster-security.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-advanced-managed-cluster-status.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input-sensor/policy-advanced-managed-cluster-status.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input/clusters-placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input/clusters-placement.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/input/hub-placement.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/input/hub-placement.yaml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/kustomization.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/kustomization.yml -------------------------------------------------------------------------------- /policygenerator/policy-sets/stable/openshift-plus/policyGenerator.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/policy-sets/stable/openshift-plus/policyGenerator.yaml -------------------------------------------------------------------------------- /policygenerator/subscription.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/policygenerator/subscription.yaml -------------------------------------------------------------------------------- /stable/AC-Access-Control/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/AC-Access-Control/README.md -------------------------------------------------------------------------------- /stable/AC-Access-Control/policy-role.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/AC-Access-Control/policy-role.yaml -------------------------------------------------------------------------------- /stable/AC-Access-Control/policy-rolebinding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/AC-Access-Control/policy-rolebinding.yaml -------------------------------------------------------------------------------- /stable/CA-Security-Assessment-and-Authorization/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/CA-Security-Assessment-and-Authorization/README.md -------------------------------------------------------------------------------- /stable/CA-Security-Assessment-and-Authorization/policy-compliance-operator-install.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/CA-Security-Assessment-and-Authorization/policy-compliance-operator-install.yaml -------------------------------------------------------------------------------- /stable/CM-Configuration-Management/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/CM-Configuration-Management/README.md -------------------------------------------------------------------------------- /stable/CM-Configuration-Management/argocd-policy-healthchecks.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/CM-Configuration-Management/argocd-policy-healthchecks.yaml -------------------------------------------------------------------------------- /stable/CM-Configuration-Management/policy-compliance-operator-cis-scan.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/CM-Configuration-Management/policy-compliance-operator-cis-scan.yaml -------------------------------------------------------------------------------- /stable/CM-Configuration-Management/policy-compliance-operator-e8-scan.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/CM-Configuration-Management/policy-compliance-operator-e8-scan.yaml -------------------------------------------------------------------------------- /stable/CM-Configuration-Management/policy-gatekeeper-operator-downstream.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/CM-Configuration-Management/policy-gatekeeper-operator-downstream.yaml -------------------------------------------------------------------------------- /stable/CM-Configuration-Management/policy-namespace.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/CM-Configuration-Management/policy-namespace.yaml -------------------------------------------------------------------------------- /stable/CM-Configuration-Management/policy-pod.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/CM-Configuration-Management/policy-pod.yaml -------------------------------------------------------------------------------- /stable/CM-Configuration-Management/policy-zts-cmc.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/CM-Configuration-Management/policy-zts-cmc.yaml -------------------------------------------------------------------------------- /stable/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/README.md -------------------------------------------------------------------------------- /stable/SC-System-and-Communications-Protection/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/SC-System-and-Communications-Protection/README.md -------------------------------------------------------------------------------- /stable/SC-System-and-Communications-Protection/policy-certificate.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/SC-System-and-Communications-Protection/policy-certificate.yaml -------------------------------------------------------------------------------- /stable/SC-System-and-Communications-Protection/policy-etcdencryption.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/SC-System-and-Communications-Protection/policy-etcdencryption.yaml -------------------------------------------------------------------------------- /stable/SC-System-and-Communications-Protection/policy-limitmemory.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/SC-System-and-Communications-Protection/policy-limitmemory.yaml -------------------------------------------------------------------------------- /stable/SC-System-and-Communications-Protection/policy-psp.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/SC-System-and-Communications-Protection/policy-psp.yaml -------------------------------------------------------------------------------- /stable/SC-System-and-Communications-Protection/policy-scc.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/SC-System-and-Communications-Protection/policy-scc.yaml -------------------------------------------------------------------------------- /stable/SI-System-and-Information-Integrity/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/SI-System-and-Information-Integrity/README.md -------------------------------------------------------------------------------- /stable/SI-System-and-Information-Integrity/policy-imagemanifestvuln.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stolostron/policy-collection/HEAD/stable/SI-System-and-Information-Integrity/policy-imagemanifestvuln.yaml --------------------------------------------------------------------------------