The Anthos Service Mesh security policy bundle enforces policies in the following domains:
- Anthos Service Mesh enforce mTLS traffic
- Anthos Service Mesh AuthorizationPolicy best practices
- Anthos Service Mesh workload security enforcement
This bundle requires Anthos Policy Controller v1.11.2 or higher.
kubectl kustomize https://github.com/GoogleCloudPlatform/acm-policy-controller-library.git/bundles/asm-policy-v0.0.1
kubectl apply -k https://github.com/GoogleCloudPlatform/acm-policy-controller-library.git/bundles/asm-policy-v0.0.1
enforcementAction
: The enforcement mode of the constraints, options aredryrun
(default),deny
orwarn
.strictness-level
: The strictness level of the security policy constraints, options areLow
orHigh
(default).