bharatmicrosystems · October 30, 2020 08:22
diff --git a/generate.yaml b/generate.yaml
 apiVersion: kyverno.io/v1
 kind: ClusterPolicy
 metadata:
  name: "default"
 spec:
  rules:
  - name: "default-deny"
    match:
      resources: 
        kinds:
        - Namespace
        name: "*"
    exclude:
      namespaces:
        - "kube-system"
        - "default"
        - "kube-public"
        - "kyverno"
    generate: 
      kind: NetworkPolicy
      name: default-deny-all-traffic
      namespace: "{{request.object.metadata.namespace}}" 
      data:  
        spec:
          podSelector: {}
          policyTypes: 
          - Ingress
          - Egress
	apiVersion: kyverno.io/v1
	kind: ClusterPolicy
	metadata:
	name: "default"
	spec:
	rules:
	- name: "default-deny"
	match:
	resources:
	kinds:
	- Namespace
	name: "*"
	exclude:
	namespaces:
	- "kube-system"
	- "default"
	- "kube-public"
	- "kyverno"
	generate:
	kind: NetworkPolicy
	name: default-deny-all-traffic
	namespace: "{{request.object.metadata.namespace}}"
	data:
	spec:
	podSelector: {}
	policyTypes:
	- Ingress
	- Egress