github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-06-28 16:41:02 +03:00
Code Issues Packages Projects Releases Wiki Activity

Create pen-appsec-k8s-full-example-config-v1beta2.yaml

Browse Source
This commit is contained in:
orianelou 2024-12-30 13:35:05 +02:00 committed by GitHub
parent 0824cf4b23
commit 91bcadf930
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 155 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

155
config/k8s/v1beta2/pen-appsec-k8s-full-example-config-v1beta2.yaml Normal file
View File

@ -0,0 +1,155 @@
apiVersion: openappsec.io/v1beta2
kind: AccessControlPractice
metadata:
name: access-control-practice-example
spec:
practiceMode: prevent
rateLimit:
overrideMode: prevent
rules:
- action: inherited
comment: Limiting access to the resource
limit: 100
triggers:
- appsec-log-trigger
unit: minute
uri: /api/resource
- action: inherited
comment: Rate limiting for authentication requests
limit: 50
triggers:
- appsec-log-trigger
unit: second
uri: /api/auth
---
apiVersion: openappsec.io/v1beta2
kind: CustomResponse
metadata:
name: custom-response-block-page-example
spec:
mode: block-page
messageTitle: "Access Denied"
messageBody: "Your request was blocked for security reasons."
httpResponseCode: 403
---
apiVersion: openappsec.io/v1beta2
kind: Exception
metadata:
name: exception-example
spec:
action: accept
condition:
- key: countryCode
value: US
---
apiVersion: openappsec.io/v1beta2
kind: LogTrigger
metadata:
name: log-trigger-example
spec:
accessControlLogging:
allowEvents: false
dropEvents: true
appsecLogging:
detectEvents: true
preventEvents: true
allWebRequests: false
additionalSuspiciousEventsLogging:
enabled: true
minSeverity: high # {high|critical}
responseBody: false
responseCode: true
extendedLogging:
urlPath: true
urlQuery: true
httpHeaders: false
requestBody: false
logDestination:
cloud: true
stdout:
format: json-format
---
apiVersion: openappsec.io/v1beta2
kind: Policy
metadata:
name: policy-example
spec:
default:
mode: prevent-learn
accessControlPractices: [access-control-practice-example]
threatPreventionPractices: [threat-prevention-practice-example]
triggers: [log-trigger-example]
customResponse: custom-response-response-code-example
sourceIdentifiers: ""
trustedSources: ""
exceptions:
- exception-example
---
apiVersion: openappsec.io/v1beta2
kind: SourcesIdentifier
metadata:
name: sources-identifier-example
spec:
sourcesIdentifiers:
- identifier: sourceip
---
apiVersion: openappsec.io/v1
kind: ThreatPreventionPractices
metadata:
name: threat-prevention-practice-example
spec:
name: custom-web-protection
practiceMode: prevent
webAttacks:
overrideMode: prevent-learn
minimumConfidence: high
maxUrlSizeBytes: 4096
maxObjectDepth: 10
maxBodySizeKb: 1024
maxHeaderSizeBytes: 8192
protections:
csrfProtection: prevent
errorDisclosure: detect
openRedirect: inactive
nonValidHttpMethods: true
antiBot:
overrideMode: detect
injectedUris:
- /admin/login
- /user/auth
validatedUris:
- /secure-area
snortSignatures:
overrideMode: detect-learn
configmap:
- name: custom-snort-rules
path: /config/snort
schemaValidation:
overrideMode: prevent
enforcementLevel: strict
configmap: [custom-schema-rules]
intrusionPrevention:
overrideMode: detect
maxPerformanceImpact: medium
minSeverityLevel: high
minCveYear: 2015
highConfidenceEventAction: prevent
mediumConfidenceEventAction: detect
---
apiVersion: openappsec.io/v1
kind: SourcesIdentifier
metadata:
name: trusted-sources-example
spec:
minNumOfSources: 3
sourcesIdentifiers:
- 1.0.0.27
- 1.0.0.28
- 1.0.0.29