C-0266 - Exposure to internet via Gateway API or Istio Ingress
Framework
security
Severity
High
Description of the the issue
This control detect workloads that are exposed on Internet through a Gateway API (HTTPRoute,TCPRoute, UDPRoute) or Istio Gateway. It fails in case it find workloads connected with these resources.
Related resources
CronJob, DaemonSet, Deployment, Gateways, HTTPRoute, Job, Pod, ReplicaSet, Service, StatefulSet, TCPRoute, UDPRoute, VirtualService
What does this control test
Checks if workloads are exposed through the use of Gateway API (HTTPRoute,TCPRoute, UDPRoute) or Istio Gateway.
Remediation
The user can evaluate its exposed resources and apply relevant changes wherever needed.
Example
No example
Updated 11 days ago