Description
Describe the bug
Hello, I generated a yaml file with policy inserted using az confcom katapolicygen --yaml "pod.yaml" --print-policy, and it was successfully deployed in AKS.
To debug my service, I need to do kubectl exec kafka-golang-consumer -n kafka -it -- /bin/sh. It was blocked due to the default policy.
So I modified the rego file and set default ExecProcessRequest := true. However, when I do kubectl exec it only shows the console, I am not able to type anything. Can anyone help with what went wrong please?
Related command
az confcom katapolicygen --yaml "pod.yaml" --print-policy > policy.base64
base64 -di < policy.base64 > generated.rego
# set `default ExecProcessRequest := true`
base64 -w0 < generated.rego > generated.rego.base64
# Replace the yaml file policy with generated.rego.base64
Errors
Console stuck, not able to type anything
Issue script & Debug output
NA
Expected behavior
Be able to exec inside the container and run commands
Environment Summary
azure-cli 2.68.0
core 2.68.0
telemetry 1.1.0
Extensions:
confcom 1.2.1
Dependencies:
msal 1.31.1
azure-mgmt-resource 23.1.1
Python location '/opt/az/bin/python3'
Extensions directory '/home/azureuser/.azure/cliextensions'
Python (Linux) 3.12.8 (main, Jan 8 2025, 03:38:17) [GCC 11.4.0]
Legal docs and information: aka.ms/AzureCliLegal
Your CLI is up-to-date.
Additional context
No response
Activity