Page cover

Create Guard to Deny All Ingress

Create Guard to Deny All Ingress is used to create a CloudekaGuard that will deny all incoming traffic (ingress) to pods in a certain namespace. By using this syntax, you can ensure that no unauthorized incoming connections can access pods in the namespace. You can first run the following syntax to create a YAML file with the name deny-all-ingress.

nano deny-all-ingress.yaml

Copy and paste the following YAML contents.

apiVersion: tenants.cloudeka.ai/v1alpha2
kind: CloudekaGuard
metadata:
  name: deny-all-ingress
  namespace: ns1
spec:
  endpointSelector:
    matchLabels:
      namespace: ns1
  ingress:
  - {}

After pasting the syntax, save the file by pressing Ctrl + O, then press the Enter key and exit the editor by pressing Ctrl + X. The next step is to apply Cloudeka Guard.

kubectl apply -f deny-all-ingress.yaml

Last updated