UNCLASSIFIED - NO CUI

Skip to content

Bug: allow-egress-minio NetworkPolicy is improperly defined causing the policy to allow all egress in the velero namespace

The - from: statement in the egress policy results in the policy as defined below

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-egress-minio
  namespace: velero
  egress:
  - {}
  - ports:
    - port: 9000
      protocol: TCP
    to:
    - namespaceSelector:
        matchLabels:
          app.kubernetes.io/name: label
  podSelector: {}
  policyTypes:
  - Egress

from is not a valid directive in an egress statement