Why the audit policy is capturing logs for only 'networkpolicy' changes but not for 'egressnetworkpolicy'?
Issue
- For a security requirement to audit the changes for
networkpolicy
andegressnetworkpolicy
, below policy is applied with groupextensions
, however only logs related tonetworkpolicy
are generated and not foregressnetworkpolicy
.
root@ocp-master-201: ~$ cat /etc/origin/master/adv-audit.yaml
apiVersion: audit.k8s.io/v1beta1
kind: Policy
rules:
- level: RequestResponse
users:
verbs:
resources:
- group: "" # core API group
- group: "extensions"
root@ocp-master-201: ~$
- How to generate the logs for
egressnetworkpolicy
?
Environment
- Red Hat OpenShift Container Platform 3.11
- Audit policy object
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.