cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

About SCullum

Announcements

Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
SCullum
‎02-03-2021
since ‎02-03-2021
L0 Member
User Activity
User Profile
User Badges
Public Statistics
Date Registered ‎02-03-2021 03:19 AM
Date Last Visited ‎02-03-2021 07:22 AM
Total Messages Posted 1

When running a REGO script with the open policy agent OPA how do i only specify the kubernetes cluster to run against

by in Prisma Cloud Discussions
‎02-03-2021 03:59 AM
‎02-03-2021 03:59 AM
I have multiple kubernetes clusters ; however when running a REGO script with the open policy agent how do i only run the policy against the cluster i want.. https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/access_control/open_policy_agent.html q1) Is this done in the REGO script itself (see below) ..eg "if cluster == XXX" etc q2) Would this be done in the Prisma cloud UI ( i cannot see any where to mark a OPA policy as run on particular cluster etc ) # pseudo code.. How do i only run this policy on the cluster i care about if CLUSTER == "XXXX" { repo := "foobar" deny[msg] { some i input.request.kind.kind == "Pod" image := input.request.object.spec.containers[i].image not startswith(image, repo) msg := sprintf("Image '%s' comes from untrusted registry use '%s'",[image,repo]) }   The UI - shows no setting to only run this policy against a particular cluster .. ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎02-03-2021 07:22 AM
Likes Given To
View All
Latest Blogs
Latest Posts
Privacy Policy Terms of Use
Copyright 2007 - 2021 - Palo Alto Networks