Ability to define custom audit polcy rules

2026-03-06 18:17:47 +03:00 · 2018-08-20 07:04:56 +02:00
parent 855f2a55cb
commit fc38b6d0ca
2 changed files with 10 additions and 0 deletions
--- a/roles/kubernetes/master/templates/apiserver-audit-policy.yaml.j2
+++ b/roles/kubernetes/master/templates/apiserver-audit-policy.yaml.j2
@@ -1,6 +1,9 @@
 apiVersion: audit.k8s.io/v1beta1
 kind: Policy
 rules:
+{% if audit_policy_custom_rules is defined and audit_policy_custom_rules != "" -%}
+{{ audit_policy_custom_rules | indent(2, true) }}
+{% else %}
  # The following requests were manually identified as high-volume and low-risk,
  # so drop them.
  - level: None
@@ -123,3 +126,4 @@ rules:
  - level: Metadata
    omitStages:
      - "RequestReceived"
+{% endif %}