1 개요[ | ]
- k8s ValidatingWebhookConfiguration
- 밸리데이팅 웹훅 컨피규레이션
- 변경이 없는 객체에 대해 수락/거부하는 승인 웹훅 설정을 기술하는 k8s API 리소스
yaml
Copy
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: "pod-policy.example.com"
webhooks:
- name: "pod-policy.example.com"
rules:
- apiGroups: [""]
apiVersions: ["v1"]
operations: ["CREATE"]
resources: ["pods"]
scope: "Namespaced"
clientConfig:
service:
namespace: "example-namespace"
name: "example-service"
caBundle: "Ci0tLS0tQk...<`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.>...tLS0K"
admissionReviewVersions: ["v1", "v1beta1"]
sideEffects: None
timeoutSeconds: 5
2 같이 보기[ | ]
- k8s 동적 승인 제어(Dynamic Admission Control)
- k8s MutatingWebhookConfiguration
- kubectl get ValidatingWebhookConfiguration
3 참고[ | ]
- https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/
- https://kubernetes.io/docs/reference/kubernetes-api/extend-resources/validating-webhook-configuration-v1/
- https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#configure-admission-webhooks-on-the-fly
편집자 Jmnote
로그인하시면 댓글을 쓸 수 있습니다.