Class PolicyController (1.1.0)

PolicyController(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Configuration for Policy Controller

Attributes

NameDescription
enabled bool
Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
template_library_installed bool
Installs the default template library along with Policy Controller.
audit_interval_seconds int
Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
exemptable_namespaces Sequence[str]
The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
referential_rules_enabled bool
Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
log_denies_enabled bool
Logs all denies and dry run failures.