diff --git a/best-practices-cel/disallow-helm-tiller/artifacthub-pkg.yml b/best-practices-cel/disallow-helm-tiller/artifacthub-pkg.yml index 1f35eaaa8..63960e8f3 100644 --- a/best-practices-cel/disallow-helm-tiller/artifacthub-pkg.yml +++ b/best-practices-cel/disallow-helm-tiller/artifacthub-pkg.yml @@ -5,7 +5,7 @@ description: >- Tiller, found in Helm v2, has known security challenges. It requires administrative privileges and acts as a shared resource accessible to any authenticated user. Tiller can lead to privilege escalation as restricted users can impact other users. It is recommend to use Helm v3+ which does not contain Tiller for these reasons. This policy validates that there is not an image containing the name `tiller`. install: |- ```shell - kubectl apply -f https://raw.githubusercontent.com/kyverno/policies/main/best-practices/disallow-helm-tiller/disallow-helm-tiller.yaml + kubectl apply -f https://raw.githubusercontent.com/kyverno/policies/main/best-practices-cel/disallow-helm-tiller/disallow-helm-tiller.yaml ``` keywords: - kyverno @@ -19,4 +19,5 @@ annotations: kyverno/category: "Sample in CEL" kyverno/kubernetesVersion: "1.26-1.27" kyverno/subject: "Pod" -digest: 6de64a4a8d611c250dc0190b28b6c757db531063161531e4f68202c0fbda5be4 +digest: 68bd8e1cf068759dc436032f3bcb1204992b84ba33498ffd76b744329976769e +createdAt: "2024-03-08T06:29:08Z"