@becki-at-luminal
becki-at-luminal / pod-compliant.yaml
Created Oct 11, 2021
Securing a Kubernetes pod with Regula and OPA (blog post) -- noncompliant and compliant Kubernetes manifests
View pod-compliant.yaml
apiVersion: v1
kind: Pod
metadata:
  name: hello
  annotations:
    seccomp.security.alpha.kubernetes.io/pod: "runtime/default"
spec:
  securityContext:
    runAsUser: 1001
  automountServiceAccountToken: false
@becki-at-luminal
becki-at-luminal / ami.tf
Created Sep 27, 2021
Using Regula and OPA to check AWS AMI IDs in Terraform (blog post) -- Rego custom rule and Terraform file
View ami.tf
# A Terraform file to test the approved_ami.rego custom rule
# See our blog post for details: https://blog.fugue.co
provider "aws" {
  region = "us-east-1"
}
resource "aws_instance" "good" {
  ami           = "ami-09e67e426f25ce0d7"
  instance_type = "t2.micro"