PolicyController(mapping=None, *, ignore_unknown_fields=False, **kwargs)Configuration for Policy Controller
Attributes | |
|---|---|
| Name | Description |
enabled |
bool
Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect. |
template_library_installed |
bool
Installs the default template library along with Policy Controller. |
audit_interval_seconds |
int
Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether. |
exemptable_namespaces |
Sequence[str]
The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster. |
referential_rules_enabled |
bool
Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated. |
log_denies_enabled |
bool
Logs all denies and dry run failures. |