Corpus
147 natural-language policy statements across three categories. Test fixtures are private in v1.0 - the entries below are the public NL inputs each tool is asked to compile.
The right-hand columns show each tool's verdict per entry: ✓ all fixtures pass, ◐ some fixtures pass, ✗ all fixtures fail, ∅ no Rego produced, ⚠ Rego does not compile.
| Slug | Category | Subcategory | Natural-language statement | PolicyAsLanguage | Gemini 3 Pro | Gemini 3 Flash | Claude Opus 4.7 | GPT-5 | Claude Sonnet 4.6 | GPT-5 mini |
|---|---|---|---|---|---|---|---|---|---|---|
| authz_01_admin_delete | application_authz | starter | Only admins can delete production resources. | ✓ | ✓ | ✓ | ✓ | ⚠ | ✓ | ✓ |
| authz_02_mfa_secrets | application_authz | starter | Users can only access secrets when MFA is verified. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| authz_03_engineer_read | application_authz | starter | Engineers can read repositories owned by their own team. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_01_rds_backup | iac_scanning | starter | All production RDS instances must have backup retention of at least 7 days. | ✓ | ✓ | ◐ | ◐ | ◐ | ◐ | ⚠ |
| iac_02_s3_public | iac_scanning | starter | Deny S3 buckets where public access is not blocked. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ⚠ |
| iac_03_rds_encryption | iac_scanning | starter | Deny RDS instances without storage encryption enabled. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| iac_ckv_ckv_aws_10 | iac_scanning | aws | Ensure IAM password policy requires minimum length of 14 or greater. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_11 | iac_scanning | aws | Ensure IAM password policy requires at least one lowercase letter. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_115 | iac_scanning | aws | Ensure that AWS Lambda function is configured for function-level concurrent execution limit. | ◐ | ✓ | ◐ | ✓ | ⚠ | ✓ | ◐ |
| iac_ckv_ckv_aws_116 | iac_scanning | aws | Ensure that AWS Lambda function is configured for a Dead Letter Queue(DLQ). | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ⚠ |
| iac_ckv_ckv_aws_117 | iac_scanning | aws | Ensure that AWS Lambda function is configured inside a VPC. | ✓ | ◐ | ◐ | ◐ | ⚠ | ◐ | ◐ |
| iac_ckv_ckv_aws_118 | iac_scanning | aws | Ensure that enhanced monitoring is enabled for Amazon RDS instances. | ✓ | ◐ | ✓ | ✓ | ◐ | ✓ | ⚠ |
| iac_ckv_ckv_aws_12 | iac_scanning | aws | Ensure IAM password policy requires at least one number. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_126 | iac_scanning | aws | Ensure that detailed monitoring is enabled for EC2 instances. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_129 | iac_scanning | aws | Ensure that respective logs of Amazon Relational Database Service (Amazon RDS) are enabled. | ✓ | ✓ | ✓ | ✓ | ⚠ | ∅ | ⚠ |
| iac_ckv_ckv_aws_13 | iac_scanning | aws | Ensure IAM password policy prevents password reuse. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ⚠ |
| iac_ckv_ckv_aws_135 | iac_scanning | aws | Ensure that EC2 is EBS optimized. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| iac_ckv_ckv_aws_137 | iac_scanning | aws | Ensure that Elasticsearch is configured inside a VPC. | ◐ | ✓ | ✓ | ✓ | ◐ | ✓ | ✓ |
| iac_ckv_ckv_aws_139 | iac_scanning | aws | Ensure that RDS clusters have deletion protection enabled. | ✓ | ◐ | ✓ | ✓ | ✓ | ✓ | ✓ |
| iac_ckv_ckv_aws_14 | iac_scanning | aws | Ensure IAM password policy requires at least one symbol. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_143 | iac_scanning | aws | Ensure that S3 bucket has lock configuration enabled by default. | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_15 | iac_scanning | aws | Ensure IAM password policy requires at least one uppercase letter. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_157 | iac_scanning | aws | Ensure that RDS instances have Multi-AZ enabled. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| iac_ckv_ckv_aws_16 | iac_scanning | aws | Ensure all data stored in the RDS is securely encrypted at rest. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ⚠ |
| iac_ckv_ckv_aws_161 | iac_scanning | aws | Ensure RDS database has IAM authentication enabled. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| iac_ckv_ckv_aws_162 | iac_scanning | aws | Ensure RDS cluster has IAM authentication enabled. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| iac_ckv_ckv_aws_17 | iac_scanning | aws | Ensure all data stored in RDS is not publicly accessible. | ✓ | ◐ | ◐ | ◐ | ✓ | ◐ | ⚠ |
| iac_ckv_ckv_aws_173 | iac_scanning | aws | Check encryption settings for Lambda environmental variable. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_18 | iac_scanning | aws | Ensure the S3 bucket has access logging enabled. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ✓ |
| iac_ckv_ckv_aws_19 | iac_scanning | aws | Ensure the S3 bucket has server-side-encryption enabled. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_20 | iac_scanning | aws | Ensure the S3 bucket does not allow READ permissions to everyone. | ✓ | ◐ | ◐ | ◐ | ⚠ | ◐ | ⚠ |
| iac_ckv_ckv_aws_21 | iac_scanning | aws | Ensure the S3 bucket has versioning enabled. | ✓ | ✓ | ✓ | ◐ | ◐ | ✓ | ⚠ |
| iac_ckv_ckv_aws_211 | iac_scanning | aws | Ensure RDS uses a modern CaCert. | ✓ | ◐ | ◐ | ◐ | ◐ | ∅ | ⚠ |
| iac_ckv_ckv_aws_226 | iac_scanning | aws | Ensure DB instance gets all minor upgrades automatically. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_228 | iac_scanning | aws | Verify Elasticsearch domain is using an up to date TLS policy. | ✓ | ✓ | ◐ | ◐ | ◐ | ✓ | ✓ |
| iac_ckv_ckv_aws_23 | iac_scanning | aws | Ensure every security group and rule has a description. | ✓ | ◐ | ◐ | ◐ | ⚠ | ◐ | ◐ |
| iac_ckv_ckv_aws_247 | iac_scanning | aws | Ensure all data stored in the Elasticsearch is encrypted with a CMK. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ⚠ |
| iac_ckv_ckv_aws_248 | iac_scanning | aws | Ensure that Elasticsearch is not using the default Security Group. | ✓ | ✗ | ◐ | ◐ | ◐ | ✓ | ⚠ |
| iac_ckv_ckv_aws_251 | iac_scanning | aws | Ensure CloudTrail logging is enabled. | ✓ | ✓ | ✓ | ✓ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_252 | iac_scanning | aws | Ensure CloudTrail defines an SNS Topic. | ✓ | ✓ | ✓ | ◐ | ✓ | ◐ | ⚠ |
| iac_ckv_ckv_aws_272 | iac_scanning | aws | Ensure AWS Lambda function is configured to validate code-signing. | ✓ | ✓ | ◐ | ◐ | ⚠ | ◐ | ◐ |
| iac_ckv_ckv_aws_293 | iac_scanning | aws | Ensure that AWS database instances have deletion protection enabled. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| iac_ckv_ckv_aws_313 | iac_scanning | aws | Ensure RDS cluster configured to copy tags to snapshots. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| iac_ckv_ckv_aws_317 | iac_scanning | aws | Ensure Elasticsearch Domain Audit Logging is enabled. | ◐ | ◐ | ◐ | ◐ | ⚠ | ◐ | ⚠ |
| iac_ckv_ckv_aws_318 | iac_scanning | aws | Ensure Elasticsearch domains are configured with at least three dedicated master nodes for HA. | ✓ | ◐ | ◐ | ◐ | ⚠ | ◐ | ⚠ |
| iac_ckv_ckv_aws_324 | iac_scanning | aws | Ensure that RDS Cluster log capture is enabled. | ✓ | ✓ | ✓ | ✓ | ◐ | ✓ | ⚠ |
| iac_ckv_ckv_aws_325 | iac_scanning | aws | Ensure that RDS Cluster audit logging is enabled for MySQL engine. | ◐ | ✓ | ✓ | ✓ | ◐ | ✓ | ⚠ |
| iac_ckv_ckv_aws_326 | iac_scanning | aws | Ensure that RDS Aurora Clusters have backtracking enabled. | ✓ | ✓ | ✓ | ✓ | ✓ | ◐ | ⚠ |
| iac_ckv_ckv_aws_327 | iac_scanning | aws | Ensure RDS Clusters are encrypted using KMS CMKs. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ⚠ |
| iac_ckv_ckv_aws_35 | iac_scanning | aws | Ensure CloudTrail logs are encrypted at rest using KMS CMKs. | ✓ | ✓ | ◐ | ◐ | ◐ | ◐ | ⚠ |
| iac_ckv_ckv_aws_353 | iac_scanning | aws | Ensure that RDS instances have performance insights enabled. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_354 | iac_scanning | aws | Ensure RDS Performance Insights are encrypted using KMS CMKs. | ✓ | ✓ | ✓ | ◐ | ◐ | ◐ | ⚠ |
| iac_ckv_ckv_aws_36 | iac_scanning | aws | Ensure CloudTrail log file validation is enabled. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| iac_ckv_ckv_aws_5 | iac_scanning | aws | Ensure all data stored in the Elasticsearch is securely encrypted at rest. | ✓ | ◐ | ✓ | ✓ | ✓ | ✓ | ⚠ |
| iac_ckv_ckv_aws_50 | iac_scanning | aws | X-Ray tracing is enabled for Lambda. | ✓ | ✓ | ◐ | ◐ | ◐ | ◐ | ⚠ |
| iac_ckv_ckv_aws_53 | iac_scanning | aws | Ensure S3 bucket has block public ACLS enabled. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_54 | iac_scanning | aws | Ensure S3 bucket has block public policy enabled. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_55 | iac_scanning | aws | Ensure S3 bucket has ignore public ACLs enabled. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_56 | iac_scanning | aws | Ensure S3 bucket has 'restrict_public_buckets' enabled. | ✓ | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_57 | iac_scanning | aws | Ensure the S3 bucket does not allow WRITE permissions to everyone. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ⚠ |
| iac_ckv_ckv_aws_67 | iac_scanning | aws | Ensure CloudTrail is enabled in all Regions. | ✓ | ✓ | ✓ | ✓ | ◐ | ✓ | ⚠ |
| iac_ckv_ckv_aws_79 | iac_scanning | aws | Ensure Instance Metadata Service Version 1 is not enabled. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ⚠ |
| iac_ckv_ckv_aws_83 | iac_scanning | aws | Ensure Elasticsearch Domain enforces HTTPS. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_84 | iac_scanning | aws | Ensure Elasticsearch Domain Logging is enabled. | ✓ | ◐ | ◐ | ◐ | ⚠ | ◐ | ◐ |
| iac_ckv_ckv_aws_88 | iac_scanning | aws | EC2 instance should not have public IP. | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_aws_9 | iac_scanning | aws | Ensure IAM password policy expires passwords within 90 days or less. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ⚠ |
| iac_ckv_ckv_aws_96 | iac_scanning | aws | Ensure all data stored in Aurora is securely encrypted at rest. | ✓ | ◐ | ◐ | ✓ | ◐ | ◐ | ◐ |
| iac_ckv_ckv_gcp_114 | iac_scanning | gcp | Ensure public access prevention is enforced on Cloud Storage bucket. | ✓ | ✓ | ✓ | ◐ | ✓ | ✓ | ✓ |
| k8s_01_reject_root | kubernetes_admission | starter | Reject any pod that runs as root. | ✓ | ✓ | ◐ | ✓ | ✓ | ∅ | ✓ |
| k8s_02_privileged_prod | kubernetes_admission | starter | Reject privileged containers in production. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ⚠ |
| k8s_03_host_network | kubernetes_admission | starter | Reject pods that use the host network. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_cis_5_1_3 | kubernetes_admission | cis | Minimize wildcard use in Roles and ClusterRoles - deny wildcard verbs on Secrets. | ✓ | ✓ | ✓ | ✓ | ⚠ | ✓ | ⚠ |
| k8s_cis_5_1_5 | kubernetes_admission | cis | Ensure that default service accounts are not actively used - pods must not use the default service account. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ⚠ |
| k8s_cis_5_1_6 | kubernetes_admission | cis | Ensure that Service Account Tokens are only mounted where necessary - disallow automountServiceAccountToken in pods. | ◐ | ✓ | ✓ | ◐ | ✓ | ◐ | ◐ |
| k8s_cis_5_2_1 | kubernetes_admission | cis | Minimize the admission of privileged containers. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_cis_5_2_10 | kubernetes_admission | cis | Minimize the admission of Windows HostProcess containers. | ✓ | ✓ | ✓ | ✓ | ✓ | ∅ | ◐ |
| k8s_cis_5_2_11 | kubernetes_admission | cis | Minimize the admission of HostPath volumes. | ✓ | ✓ | ✓ | ✓ | ✓ | ⚠ | ⚠ |
| k8s_cis_5_2_12 | kubernetes_admission | cis | Minimize the admission of containers which use HostPorts. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_cis_5_2_13 | kubernetes_admission | cis | Minimize the admission of containers that allow privilege escalation through setuid binaries - require read-only root filesystem. | ✓ | ✓ | ✓ | ✓ | ✓ | ∅ | ✓ |
| k8s_cis_5_2_14 | kubernetes_admission | cis | Ensure containers drop ALL capabilities and only add back the ones required. | ✓ | ✓ | ✓ | ✓ | ◐ | ⚠ | ◐ |
| k8s_cis_5_2_15 | kubernetes_admission | cis | Require AppArmor profile runtime/default for all pods. | ✓ | ✓ | ✓ | ◐ | ◐ | ◐ | ◐ |
| k8s_cis_5_2_2 | kubernetes_admission | cis | Minimize the admission of containers wishing to share the host process ID namespace. | ✓ | ◐ | ✓ | ✓ | ✓ | ◐ | ✓ |
| k8s_cis_5_2_3 | kubernetes_admission | cis | Minimize the admission of containers wishing to share the host IPC namespace. | ✓ | ◐ | ✓ | ◐ | ✓ | ◐ | ✓ |
| k8s_cis_5_2_4 | kubernetes_admission | cis | Minimize the admission of containers wishing to share the host network namespace. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_cis_5_2_5 | kubernetes_admission | cis | Minimize the admission of containers with allowPrivilegeEscalation. | ✓ | ◐ | ✓ | ◐ | ◐ | ◐ | ◐ |
| k8s_cis_5_2_6 | kubernetes_admission | cis | Minimize the admission of root containers. | ✓ | ◐ | ◐ | ◐ | ✓ | ◐ | ⚠ |
| k8s_cis_5_2_7 | kubernetes_admission | cis | Minimize the admission of containers with the NET_RAW capability. | ✓ | ◐ | ✓ | ◐ | ✓ | ◐ | ⚠ |
| k8s_cis_5_2_8 | kubernetes_admission | cis | Minimize the admission of containers with added capabilities. | ✓ | ✓ | ✓ | ✓ | ⚠ | ✓ | ✓ |
| k8s_cis_5_2_9 | kubernetes_admission | cis | Minimize the admission of containers with capabilities assigned. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_cis_5_7_1 | kubernetes_admission | cis | Create administrative boundaries between resources using namespaces - deny creation in the default namespace. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ⚠ |
| k8s_cis_5_7_2 | kubernetes_admission | cis | Ensure that the seccomp profile is set to docker/default in pod definitions. | ✓ | ◐ | ◐ | ◐ | ✓ | ◐ | ⚠ |
| k8s_cis_5_7_3 | kubernetes_admission | cis | Apply Security Context to Pods and Containers - require non-root execution. | ✓ | ◐ | ◐ | ◐ | ✓ | ◐ | ◐ |
| k8s_cis_5_7_4 | kubernetes_admission | cis | The default namespace should not be used for workload deployments. | ✓ | ✓ | ◐ | ✓ | ◐ | ◐ | ◐ |
| k8s_gk_k8sal…llowed-repos | kubernetes_admission | gk | Requires container images to begin with a string from the specified list. To prevent bypasses, ensure a '/' is added when specifying DockerHub repositories or custom registries. If exact matches or glob-like syntax are preferred, use the k8sallowedreposv2 policy. Every Pod in the "default" namespace must only use container images whose registry/repo starts with one of: "openpolicyagent/". | ✓ | ✓ | ◐ | ◐ | ◐ | ∅ | ⚠ |
| k8s_gk_k8sal…owed-reposv2 | kubernetes_admission | gk | This policy enforces that container images must begin with a string from a specified list. The updated version, K8sAllowedReposv2, introduces support for exact match and glob-like syntax to enhance security: 1. Exact Match: By default, if the * character is not specified, the policy strictly checks for an exact match of the full registry, repository, and/or the image name. 2. Glob-like Syntax: Adding * at the end of a prefix allows prefix-based matching (e.g., registry.example.com/project/*). Only the * wildcard at the end of a string is supported. 3. Security Note: To avoid bypasses scenarios, ensure prefixes include a trailing / where appropriate (e.g., registry.example.com/project/*). Every Pod in the "default" namespace: parameters are allowedImages=["openpolicyagent/*", "myregistry.azurecr.io/*", "mydockerhub/*", "ubuntu:20.14", "123456789123.dkr.ecr.eu-west-1.amazonaws.com/postgres"]. | ✓ | ✓ | ◐ | ◐ | ◐ | ∅ | ◐ |
| k8s_gk_k8sbl…default-role | kubernetes_admission | gk | Many Kubernetes installations by default have a system:aggregate-to-edit ClusterRole which does not properly restrict access to editing Endpoints. This ConstraintTemplate forbids the system:aggregate-to-edit ClusterRole from granting permission to create/patch/update Endpoints. ClusterRole/system:aggregate-to-edit should not allow Endpoint edit permissions due to CVE-2021-25740, Endpoint & EndpointSlice permissions allow cross-Namespace forwarding. | ✓ | ✓ | ✓ | ✓ | ⚠ | ✓ | ⚠ |
| k8s_gk_k8sbl…cer-services | kubernetes_admission | gk | Disallows all Services with type LoadBalancer. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ◐ |
| k8s_gk_k8sbl…ort-services | kubernetes_admission | gk | Disallows all Services with type NodePort. | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ |
| k8s_gk_k8sbl…card-ingress | kubernetes_admission | gk | Users should not be able to create Ingresses with a blank or wildcard (*) hostname since that would enable them to intercept traffic for other services in the cluster, even if they don't have access to those services. | ✓ | ◐ | ◐ | ◐ | ✓ | ◐ | ⚠ |
| k8s_gk_k8sdi…ow-anonymous | kubernetes_admission | gk | Disallows associating ClusterRole and Role resources to the system:anonymous user and system:unauthenticated group. Every ClusterRoleBinding or RoleBinding: roleRef.name is one of [cluster-role-1]; subjects may not include user `system:anonymous` or group `system:unauthenticated`. | ◐ | ✗ | ◐ | ✗ | ⚠ | ∅ | ⚠ |
| k8s_gk_k8sdi…uthenticated | kubernetes_admission | gk | Disallows associating ClusterRole and Role resources to the system:anonymous user and system:unauthenticated group. Every ClusterRoleBinding or RoleBinding: subjects may not include user `system:anonymous` or group `system:unauthenticated`; subjects may not include group `system:authenticated` either. | ✓ | ✓ | ✓ | ✓ | ⚠ | ∅ | ⚠ |
| k8s_gk_k8sdi…e-k8s-gcr-io | kubernetes_admission | gk | Disallowed container repositories that begin with a string from the specified list. Every Pod must only use container images whose registry/repo starts with one of: "k8s.gcr.io/". | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| k8s_gk_k8sdi…allowed-tags | kubernetes_admission | gk | Requires container images to have an image tag different from the ones in the specified list. Every Pod in the "default" namespace: parameters are tags=["latest"], exemptImages=["openpolicyagent/opa-exp:latest", "openpolicyagent/opa-exp2:latest"]. | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| k8s_gk_k8sdi…-interactive | kubernetes_admission | gk | Requires that objects have the fields `spec.tty` and `spec.stdin` set to false or unset. | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| k8s_gk_k8sex…s_allowed-ip | kubernetes_admission | gk | Restricts Service externalIPs to an allowed list of IP addresses. Every Service: every entry in spec.externalIPs (which is a list of IP strings) must belong to the set ["203.0.113.0"]. If any externalIP is outside this set, deny. | ✓ | ✓ | ✓ | ✓ | ⚠ | ✓ | ⚠ |
| k8s_gk_k8sho…d-autoscaler | kubernetes_admission | gk | Disallow the following scenarios when deploying `HorizontalPodAutoscalers` 1. Deployment of HorizontalPodAutoscalers with `.spec.minReplicas` or `.spec.maxReplicas` outside the ranges defined in the constraint 2. Deployment of HorizontalPodAutoscalers where the difference between `.spec.minReplicas` and `.spec.maxReplicas` is less than the configured `minimumReplicaSpread` 3. Deployment of HorizontalPodAutoscalers that do not reference a valid `scaleTargetRef` (e.g. Deployment, ReplicationController, ReplicaSet, StatefulSet). Every HorizontalPodAutoscaler must have between 3 and 6 replicas. | ◐ | ◐ | ◐ | ◐ | ◐ | ∅ | ⚠ |
| k8s_gk_k8sht…tls-optional | kubernetes_admission | gk | Requires Ingress resources to be HTTPS only. Ingress resources must include the `kubernetes.io/ingress.allow-http` annotation, set to `false`. By default a valid TLS {} configuration is required, this can be made optional by setting the `tlsOptional` parameter to `true`. Every Ingress must set annotation `kubernetes.io/ingress.allow-http: "false"`; a TLS configuration is optional. | ✓ | ✓ | ✓ | ✓ | ◐ | ✓ | ⚠ |
| k8s_gk_k8sht…tls-required | kubernetes_admission | gk | Requires Ingress resources to be HTTPS only. Ingress resources must include the `kubernetes.io/ingress.allow-http` annotation, set to `false`. By default a valid TLS {} configuration is required, this can be made optional by setting the `tlsOptional` parameter to `true`. | ✓ | ✓ | ✓ | ✓ | ◐ | ✓ | ⚠ |
| k8s_gk_k8sim…-have-digest | kubernetes_admission | gk | Requires container images to contain a digest. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_gk_k8spo…ption-budget | kubernetes_admission | gk | Disallow the following scenarios when deploying PodDisruptionBudgets or resources that implement the replica subresource (e.g. Deployment, ReplicationController, ReplicaSet, StatefulSet): 1. Deployment of PodDisruptionBudgets with .spec.maxUnavailable == 0 2. Deployment of PodDisruptionBudgets with .spec.minAvailable == .spec.replicas of the resource with replica subresource This will prevent PodDisruptionBudgets from blocking voluntary disruptions such as node draining. | ∅ | ◐ | ◐ | ◐ | ◐ | ∅ | ⚠ |
| k8s_gk_k8sps…ups-together | kubernetes_admission | gk | Controls the user and group IDs of the container and some volumes. Corresponds to the `runAsUser`, `runAsGroup`, `supplementalGroups`, and `fsGroup` fields in a PodSecurityPolicy. Every Pod: runAsUser must be set and greater than 0 (not root). Every Pod: any runAsGroup value is permitted (no restriction). Every Pod: any fsGroup value is permitted (no restriction). Every Pod: any supplementalGroups value is permitted (no restriction). | ✓ | ✓ | ✓ | ◐ | ◐ | ∅ | ◐ |
| k8s_gk_k8sps…ccount-token | kubernetes_admission | gk | Controls the ability of any Pod to enable automountServiceAccountToken. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ◐ |
| k8s_gk_k8sps…s-restricted | kubernetes_admission | gk | Controls Linux capabilities on containers. Corresponds to the `allowedCapabilities` and `requiredDropCapabilities` fields in a PodSecurityPolicy. Every Pod: allowed Linux capabilities are NET_BIND_SERVICE. | ✓ | ✓ | ✓ | ◐ | ◐ | ◐ | ◐ |
| k8s_gk_k8sps…lume-drivers | kubernetes_admission | gk | Controls the allowlist of FlexVolume drivers. Corresponds to the `allowedFlexVolumes` field in PodSecurityPolicy. Every Pod: flexvolume driver must be one of "example/lvm", "example/cifs". | ✓ | ✓ | ✓ | ✓ | ◐ | ∅ | ⚠ |
| k8s_gk_k8sps…dden-sysctls | kubernetes_admission | gk | Controls the `sysctl` profile used by containers. Corresponds to the `allowedUnsafeSysctls` and `forbiddenSysctls` fields in a PodSecurityPolicy. When specified, any sysctl not in the `allowedSysctls` parameter is considered to be forbidden. The `forbiddenSysctls` parameter takes precedence over the `allowedSysctls` parameter. Every Pod: parameters are allowedSysctls=["kernel.shm_rmid_forced", "net.ipv4.ip_local_port_range", "net.ipv4.ip_unprivileged_port_start", "net.ipv4.tcp_syncookies", "net.ipv4.ping_group_range", "net.ipv4.ip_local_reserved_ports", "net.ipv4.tcp_keepalive_time", "net.ipv4.tcp_fin_timeout", "net.ipv4.tcp_keepalive_intvl", "net.ipv4.tcp_keepalive_probes"]. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ⚠ |
| k8s_gk_k8sps…den-sysctls3 | kubernetes_admission | gk | Controls the `sysctl` profile used by containers. Corresponds to the `allowedUnsafeSysctls` and `forbiddenSysctls` fields in a PodSecurityPolicy. When specified, any sysctl not in the `allowedSysctls` parameter is considered to be forbidden. The `forbiddenSysctls` parameter takes precedence over the `allowedSysctls` parameter. Every Pod: no securityContext.sysctls entry may use any of the forbidden names ["kernel.*"] (including prefix globs like `kernel.*`). | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ⚠ |
| k8s_gk_k8sps…lowedsysctls | kubernetes_admission | gk | Controls the `sysctl` profile used by containers. Corresponds to the `allowedUnsafeSysctls` and `forbiddenSysctls` fields in a PodSecurityPolicy. When specified, any sysctl not in the `allowedSysctls` parameter is considered to be forbidden. The `forbiddenSysctls` parameter takes precedence over the `allowedSysctls` parameter. Every Pod: no securityContext.sysctls entry may use any of the forbidden names ["kernel.*"] (including prefix globs like `kernel.*`). | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| k8s_gk_k8sps…lowedsysctls | kubernetes_admission | gk | Controls the `sysctl` profile used by containers. Corresponds to the `allowedUnsafeSysctls` and `forbiddenSysctls` fields in a PodSecurityPolicy. When specified, any sysctl not in the `allowedSysctls` parameter is considered to be forbidden. The `forbiddenSysctls` parameter takes precedence over the `allowedSysctls` parameter. Every Pod: no securityContext.sysctls entry may use any of the forbidden names ["kernel.*"] (including prefix globs like `kernel.*`). | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_gk_k8sps…roup_fsgroup | kubernetes_admission | gk | Controls allocating an FSGroup that owns the Pod's volumes. Corresponds to the `fsGroup` field in a PodSecurityPolicy. Every Pod: if fsGroup is set, it must be in 1..1000. | ✓ | ✓ | ✓ | ✓ | ⚠ | ✓ | ⚠ |
| k8s_gk_k8sps…empty-ranges | kubernetes_admission | gk | Controls allocating an FSGroup that owns the Pod's volumes. Corresponds to the `fsGroup` field in a PodSecurityPolicy. Every Pod: any fsGroup value is a violation (no values are permitted by this rule). | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_gk_k8sps…o-host-paths | kubernetes_admission | gk | Controls usage of the host filesystem. Corresponds to the `allowedHostPaths` field in a PodSecurityPolicy. | ✓ | ✓ | ✓ | ✓ | ✓ | ∅ | ✓ |
| k8s_gk_k8sps…st-namespace | kubernetes_admission | gk | Disallows sharing of host PID and IPC namespaces by pod containers. Corresponds to the `hostPID` and `hostIPC` fields in a PodSecurityPolicy. | ✓ | ✓ | ✓ | ✓ | ⚠ | ✓ | ⚠ |
| k8s_gk_k8sps…rk-forbidden | kubernetes_admission | gk | Controls usage of host network namespace by pod containers. HostNetwork verification happens without exception for exemptImages. Specific ports must be specified. Corresponds to the `hostNetwork` and `hostPorts` fields in a PodSecurityPolicy. Every Pod: hostNetwork allowed is false. | ✓ | ✓ | ✓ | ✓ | ✓ | ∅ | ✓ |
| k8s_gk_k8sps…work-allowed | kubernetes_admission | gk | Controls usage of host network namespace by pod containers. HostNetwork verification happens without exception for exemptImages. Specific ports must be specified. Corresponds to the `hostNetwork` and `hostPorts` fields in a PodSecurityPolicy. Every Pod: hostNetwork allowed is true. | ◐ | ◐ | ◐ | ◐ | ◐ | ⚠ | ⚠ |
| k8s_gk_k8sps…rk-forbidden | kubernetes_admission | gk | Controls usage of host network namespace by pod containers. HostNetwork verification happens without exception for exemptImages. Specific ports must be specified. Corresponds to the `hostNetwork` and `hostPorts` fields in a PodSecurityPolicy. Every Pod: hostNetwork allowed is false. | ✓ | ✓ | ◐ | ◐ | ⚠ | ∅ | ✓ |
| k8s_gk_k8sps…s-disallowed | kubernetes_admission | gk | Disallows HostProcess containers for Windows pods. HostProcess containers enable privileged access on Windows nodes and must be disallowed in Baseline and Restricted policies. Corresponds to the windowsOptions.hostProcess field in a Pod's securityContext or container securityContext. | ✓ | ✓ | ✓ | ◐ | ⚠ | ∅ | ◐ |
| k8s_gk_k8sps…s-disallowed | kubernetes_admission | gk | Controls the ability of any container to enable privileged mode. Corresponds to the `privileged` field in a PodSecurityPolicy. Every Pod: parameters are exemptImages=["safeimages.com/*"]. | ✓ | ✓ | ✓ | ◐ | ✓ | ◐ | ◐ |
| k8s_gk_k8sps…unt-required | kubernetes_admission | gk | Controls the allowed `procMount` types for the container. Corresponds to the `allowedProcMountTypes` field in a PodSecurityPolicy. Every Pod may only use procMount type "Default". | ✓ | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ |
| k8s_gk_k8sps…t-filesystem | kubernetes_admission | gk | Requires the use of a read-only root file system by pod containers. Corresponds to the `readOnlyRootFilesystem` field in a PodSecurityPolicy. Every Pod: parameters are exemptImages=["specialprogram"]. | ✓ | ◐ | ✓ | ◐ | ◐ | ◐ | ◐ |
| k8s_gk_k8sps…p-restricted | kubernetes_admission | gk | Controls the seccomp profile used by containers. Corresponds to the `securityContext.seccompProfile` field. Security contexts from the annotation is not considered as Kubernetes no longer reads security contexts from the annotation. Every Pod: parameters are exemptImages=["nginx-exempt"], allowedProfiles=["RuntimeDefault", "Localhost"], allowedLocalhostFiles=["*"]. | ✓ | ✓ | ◐ | ◐ | ⚠ | ⚠ | ⚠ |
| k8s_gk_k8sps…inux-options | kubernetes_admission | gk | Defines an allow-list of seLinuxOptions configurations for pod containers. Corresponds to a PodSecurityPolicy requiring SELinux configs. Every Pod: parameters are allowedSELinuxOptions=[{"type": "container_t"}, {"type": "container_init_t"}, {"type": "container_kvm_t"}, {"type": "container_engine_t"}]. | ✓ | ✓ | ✓ | ◐ | ◐ | ◐ | ◐ |
| k8s_gk_k8sps…h-disallowed | kubernetes_admission | gk | Restricts mountable volume types to those specified by the user. Corresponds to the `volumes` field in a PodSecurityPolicy. Every Pod: parameters are volumes=["configMap", "csi", "downwardAPI", "emptyDir", "ephemeral", "persistentVolumeClaim", "projected", "secret"]. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ⚠ |
| k8s_gk_k8sre…eplica-limit | kubernetes_admission | gk | Requires that objects with the field `spec.replicas` (Deployments, ReplicaSets, etc.) specify a number of replicas within defined ranges. Every Deployment must have between 3 and 50 replicas. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_gk_k8sre…and-requests | kubernetes_admission | gk | Requires containers to have defined resources set. Every Pod: every container must declare limits for cpu, memory and requests for cpu, memory. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_gk_k8sst…ss-allowlist | kubernetes_admission | gk | Requires storage classes to be specified when used. Only Gatekeeper 3.9+ and non-ephemeral containers are supported. Every PersistentVolumeClaim or StatefulSet: parameters are includeStorageClassesInMessage=true, allowedStorageClasses=["allowed-storage-class"]. | ✓ | ✓ | ✓ | ✓ | ◐ | ◐ | ⚠ |
| k8s_gk_noupd…rviceaccount | kubernetes_admission | gk | Blocks updating the service account on resources that abstract over Pods. This policy is ignored in audit mode. Every ReplicationController, ReplicaSet, Deployment, StatefulSet, DaemonSet or CronJob in the "kube-system" namespace: no groups or users are permitted. | ✓ | ✓ | ✓ | ✓ | ⚠ | ∅ | ⚠ |
| k8s_gk_verif…atedapi-1_29 | kubernetes_admission | gk | Verifies deprecated Kubernetes APIs to ensure all the API versions are up to date. This template does not apply to audit as audit looks at the resources which are already present in the cluster with non-deprecated API versions. Every FlowSchema or PriorityLevelConfiguration: parameters are kvs=[{"deprecatedAPI": "flowcontrol.apiserver.k8s.io/v1beta2", "kinds": ["FlowSchema", "PriorityLevelConfiguration"], "targetAPI": "flowcontrol.apiserver.k8s.io/v1beta3"}], k8sVersion=1.29. | ✓ | ✓ | ✓ | ✓ | ⚠ | ✓ | ⚠ |
| k8s_kyv_allo…abel-changes | kubernetes_admission | kyv | In some cases, operations teams need a type of limited access to change resources during troubleshooting or outage mitigation. This policy demonstrates how to prevent modification to labels except one with the key `breakglass`. Changing, adding, or deleting any other labels is denied. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_kyv_appl…ault-project | kubernetes_admission | kyv | This policy prevents the use of the default project in an Application. | ✓ | ◐ | ◐ | ◐ | ✓ | ◐ | ✓ |
| k8s_kyv_appl…ches-project | kubernetes_admission | kyv | This policy ensures that the name of the ApplicationSet is the same value provided in the project. | ✓ | ◐ | ◐ | ◐ | ✓ | ◐ | ◐ |
| k8s_kyv_appp…rceblacklist | kubernetes_admission | kyv | An AppProject may optionally specify clusterResourceBlacklist which is a blacklisted group of cluster resources. This is often a good practice to ensure AppProjects do not allow more access than needed. This policy is a combination of two rules which enforce that all AppProjects specify clusterResourceBlacklist and that their group and kind have wildcards as values. | ✓ | ✓ | ✓ | ✓ | ✓ | ∅ | ⚠ |
| k8s_kyv_bloc…ates-deletes | kubernetes_admission | kyv | Kubernetes RBAC allows for controls on kinds of resources or those with specific names. But it does not have the type of granularity often required in more complex environments. This policy restricts updates and deletes to any Service resource that contains the label `protected=true` unless by a cluster-admin. | ✓ | ◐ | ◐ | ✓ | ⚠ | ∅ | ⚠ |
| k8s_kyv_cert…mit-duration | kubernetes_admission | kyv | Kubernetes managed non-letsencrypt certificates have to be renewed in every 100 days. | ✓ | ✓ | ✓ | ◐ | ◐ | ∅ | ◐ |
| k8s_kyv_check-env-vars | kubernetes_admission | kyv | Environment variables control many aspects of a container's execution and are often the source of many different configuration settings. Being able to ensure that the value of a specific environment variable either is or is not set to a specific string is useful to maintain such controls. This policy checks every container to ensure that if the `DISABLE_OPA` environment variable is defined, it must not be set to a value of `"true"`. | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| k8s_kyv_check-nvidia-gpus | kubernetes_admission | kyv | Containers which request use of an NVIDIA GPU often need to be authored to consume them via a CUDA environment variable called NVIDIA_VISIBLE_DEVICES. This policy checks the containers which request a GPU to ensure they have been authored with this environment variable. | ✓ | ✓ | ✓ | ✓ | ⚠ | ∅ | ⚠ |
| k8s_kyv_check-routes | kubernetes_admission | kyv | HTTP traffic is not encrypted and hence insecure. This policy prevents configuration of OpenShift HTTP routes. | ✓ | ◐ | ◐ | ◐ | ◐ | ∅ | ◐ |
| k8s_kyv_check-sa | kubernetes_admission | kyv | ServiceAccounts with privileges to create Pods may be able to do so and name a ServiceAccount other than the one used to create it. This policy checks the Pod, if created by a ServiceAccount, and ensures the `serviceAccountName` field matches the actual ServiceAccount. | ◐ | ◐ | ◐ | ◐ | ◐ | ◐ | ⚠ |