You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: site-src/guides/api-overview.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -53,7 +53,7 @@ selected by the AdminNetworkPolicy, as opposed to implicit deny NetworkPolicy ru
53
53
-**Pass**: Traffic that matches a `Pass` rule will skip all further rules from all
54
54
numbered ANPs and instead be enforced by the K8s NetworkPolicies.
55
55
If there is no K8s NetworkPolicy of BaselineAdminNetworkPolicy rule match
56
-
match, traffic will be governed by the implementation. For most implementations,
56
+
traffic will be governed by the implementation. For most implementations,
57
57
this means "allow", but there may be implementations which have their own policies
58
58
outside of the standard Kubernetes APIs.
59
59
-**Deny**: Traffic that matches a `Deny` rule will be dropped.
@@ -66,10 +66,10 @@ modified by the admin, or overridden by a higher priority rule.
66
66
67
67
On the other hand, the `Allow` rules can be used to call out traffic in the cluster
68
68
that needs to be allowed for certain components to work as expected (egress to
69
-
CoreDNS for example). Those traffic should not be blocked when developers apply
69
+
CoreDNS for example). This traffic should not be blocked when developers apply
70
70
NetworkPolicy to their Namespaces which isolates the workloads.
71
71
72
-
AdminNetworkPolicy `Pass` rules allows an admin to delegate security posture for
72
+
AdminNetworkPolicy `Pass` rules allow an admin to delegate security posture for
73
73
certain traffic to the Namespace owners by overriding any lower precedence Allow
74
74
or Deny rules. For example, intra-tenant traffic management can be delegated to tenant
75
75
admins explicitly with the use of `Pass` rules. More specifically traffic selected
@@ -92,15 +92,15 @@ Each ANP should define at least one `Ingress` or `Egress` relevant in-cluster tr
92
92
along with the associated Action that should occur. In each `gress` rule the user
93
93
should AT THE MINIMUM define an `Action`, and at least one `AdminNetworkPolicyPeer`.
94
94
Optionally the user may also define select `Ports` to filter traffic on and also
95
-
a name for each rule to make management/ reporting easier for Admins.
95
+
a name for each rule to make management and reporting easier for Admins.
96
96
97
97
### AdminNetworkPolicy Status
98
98
99
99
For `v1alpha1` of this API the ANP status field is simply defined as a list of
100
-
[`metav1.condition`](https://github.com/kubernetes/apimachinery/blob/v0.25.0/pkg/apis/meta/v1/types.go#L1464)s. Currently there are no rule as to what these conditions should display,
100
+
[`metav1.condition`](https://github.com/kubernetes/apimachinery/blob/v0.25.0/pkg/apis/meta/v1/types.go#L1464)s. Currently there are no rules as to what these conditions should display,
101
101
and it is up to each implementation to report what they see fit. For further
102
102
API iterations the community may consider standardizing these conditions based on
103
-
the usefulness they provide for various implementors.
103
+
the usefulness they provide for various implementors.
0 commit comments