Control: CronJob definition should not use default namespace
Description
Default namespace should not be used by CronJob definition. Placing objects in this namespace makes application of RBAC and other controls more difficult.
Usage
Run the control in your terminal:
powerpipe control run kubernetes_compliance.control.cronjob_default_namespace_usedSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run kubernetes_compliance.control.cronjob_default_namespace_used --shareSQL
This control uses a named query:
select coalesce(uid, concat(path, ':', start_line)) as resource, case when namespace = 'default' then 'alarm' else 'ok' end as status, case when namespace = 'default' then name || ' uses default namespace.' else name || ' not using the default namespace.' end as reason, name as cronjob_name , coalesce(context_name, '') as context_name, namespace, source_type, coalesce(path || ':' || start_line || '-' || end_line, '') as pathfrom kubernetes_cronjob;