policy: Add policy to prevent host network usage

The `policy` Kustomize project defines various cluster-wide security policies. Initially, this includes a Validating Admission Policy that prevents pods from using the host's network namespace.
2025-10-13 11:29:39 -05:00
parent e1874565b8
commit 5c6a77c47c
3 changed files with 78 additions and 0 deletions
--- a/policy/kustomization.yaml
+++ b/policy/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+- disallow-hostnetwork.yaml