ci: Add exceptions for node-exporter to kubescape config

2025-10-23 21:21:11 +02:00 · 2022-01-19 15:04:31 +00:00 · 2022-01-19 15:04:31 +00:00 · 02f1550261
commit 02f1550261
parent 4d004393e1
1 changed files with 29 additions and 0 deletions
--- a/kubescape-exceptions.json
+++ b/kubescape-exceptions.json
@ -0,0 +1,29 @@
+[
+  {
+    "name": "exclude-node-exporter-host-access-checks",
+    "policyType": "postureExceptionPolicy",
+    "actions": [
+      "alertOnly"
+    ],
+    "resources": [
+      {
+        "designatorType": "Attributes",
+        "attributes": {
+          "kind": "DaemonSet",
+          "name": "node-exporter"
+        }
+      }
+    ],
+    "posturePolicies": [
+      {
+        "controlName": "Container hostPort"
+      },
+      {
+        "controlName": "Host PID/IPC privileges"
+      },
+      {
+        "controlName": "HostNetwork access"
+      }
+    ]
+  }
+]