Description:
if there is a cluster wide default deny policy in place - the scan will stop, and all pods in the cluster are deemed covered by that policy. It would be cool if it was possible to exclude a single policy with e.g:
netfetch scan --exclude cluster-wide-default-deny-all
It would then be possible to scan the rest of the cluster, even when a default deny all is in place.
Description:
if there is a cluster wide default deny policy in place - the scan will stop, and all pods in the cluster are deemed covered by that policy. It would be cool if it was possible to exclude a single policy with e.g:
netfetch scan --exclude cluster-wide-default-deny-allIt would then be possible to scan the rest of the cluster, even when a default deny all is in place.