Enforces that every container has an appropriate memory requests defined.
Note that this policy is part of the following security standards:
bsi/containerization: BSI IT-Grundschutz "Containerisierung": Section: SYS.1.6.A15
- name: nginx
- containerPort: 80
+ memory: "1G"
securitytower.io/policy.exclusion.enforcememoryrequestas on the example below.
apiVersion: apps/v1 kind: Deployment metadata: name: your-deployment annotations: securitytower.io/policy.exclusion.enforcememoryrequest: |- The performance tests are not finished. So we have no information which resources are required by this deployment. ...