RE: Detect security misconfigurations in Helm files
= Planned for 10.X LTS
If you define an authenticated API, and some internal endpoints which do not require authentication, and then you expose “uri: /” instead of “uri: /api”, then the internal endpoints will be accessible externally by accident.
Example code to match, from …/templates/ingress.yaml:
http:
- match:
  - uri:
      …
  rewrite:
    uri: /
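
A sketch of how such a check could work, as an added example that is not part of the original post or of any analyzer's code. It assumes the rendered manifest has already been parsed into dicts and follows the http/match/uri/rewrite layout above; the `prefix` and `exact` keys, the `/api` allow-list, and all sample values are constructed for illustration.

```python
# Added example: flag routes that expose more than the intended path prefix.
# Input is a parsed, rendered manifest (plain dicts/lists); samples are constructed.

def _allowed(path, allowed_prefixes):
    # "/api" allows "/api" and "/api/...", but not "/" or "/apix".
    return any(path == p or path.startswith(p.rstrip("/") + "/")
               for p in allowed_prefixes)

def find_broad_routes(manifest, allowed_prefixes=("/api",)):
    """Return a list of (route_index, finding_code) tuples."""
    findings = []
    spec = manifest.get("spec") or manifest
    for i, route in enumerate(spec.get("http") or []):
        matches = route.get("match") or []
        if not matches:
            # No match block at all: the route accepts every path.
            findings.append((i, "no-uri-match"))
        for m in matches:
            uri = m.get("uri")
            if not uri:
                # Match on something else only (e.g. headers): any path passes.
                findings.append((i, "no-uri-match"))
                continue
            path = uri.get("prefix") or uri.get("exact")
            if path is not None and not _allowed(path, allowed_prefixes):
                findings.append((i, "broad-match"))
        # Rewriting to "/" maps the matched prefix onto the backend root,
        # so every backend path becomes reachable through the route.
        if (route.get("rewrite") or {}).get("uri") == "/":
            findings.append((i, "rewrite-root"))
    return findings

# Constructed samples.
SAMPLE_OK = {"http": [{"match": [{"uri": {"prefix": "/api"}}]}]}
SAMPLE_BAD = {"http": [{"match": [{"uri": {"prefix": "/"}}],
                        "rewrite": {"uri": "/"}}]}
SAMPLE_REWRITE = {"spec": {"http": [{"match": [{"uri": {"prefix": "/api"}}],
                                     "rewrite": {"uri": "/"}}]}}

if __name__ == "__main__":
    for name, doc in [("ok", SAMPLE_OK), ("bad", SAMPLE_BAD),
                      ("rewrite", SAMPLE_REWRITE)]:
        print(name, find_broad_routes(doc))
```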