networkPolicies

Vault (like many other BigBang components) allows you to specify additional network controls through values provided to the chart.

In order to deliver additional NetworkPolicy controls with your BigBang Vault deployment, first enable networkPolicies for BigBang generally:

networkPolicies:
  enabled: true

Now you can add additional NetworkPolicies to your Vault addon configuration through the addons.vault.values.networkPolicies.additionalPolicies key:

addons:
  vault:
    values:
      networkPolicies:
        additionalPolicies:
        - name: this-is-an-egress-control
          spec:
            podSelector: {}
            policyTypes:
            - Egress
            egress:
            - to:
              - ipBlock:
                  cidr: 172.20.0.0/12
        - name: this-is-an-ingress-control
          spec:
            podSelector: {}
            policyTypes:
            - Ingress
            ingress:
            - from:
              - ipBlock:
                  cidr: 172.20.0.0/12

For more information on Kubernetes NetworkPolicy objects, see the upstream docs. For more information on BigBang Network controls generally, see the BigBang documentation.

---

Last update: 2024-04-06 by Andrew Kesterson