Ensure overly broad host configuration is not allowed for Istio Gateway

HIGH

Description

Istio best practices include setting specific domains or namespaces in Gateway configurations. For more information, see the Istio documentation.
References:
https://istio.io/latest/docs/ops/best-practices/security/#avoid-overly-broad-hosts-configurations

Remediation

Update your Istio YAML to set specific hosts listed under the servers.hosts field. Using an asterisk would be considered overly broad.

Policy Details

Rule Reference ID: AC_K8S_0118
Remediation Available: No
Resource Category: Virtual Network
Resource Type: Istio

Frameworks