Ensure large virtual services are split into multiple resources for Istio Virtual Services

LOW

Description

Large virtual services are used instead of multiple resources. This could lead to exposing multiple resources to security risks.

Remediation

Ensure that your YAML files do not have multiple 'route' configurations in a single VirtualService. If they do, break them into individual VirtualService entries; these can remain in the same YAML file separated by three dashes (---).

References:
https://istio.io/latest/docs/ops/best-practices/traffic-management/#split-virtual-services

Policy Details

Rule Reference ID: AC_K8S_0120

CSP: Kubernetes

Remediation Available: No

Domain: Security Best Practices

Resource: kubernetes_istio_virtual_service

Resource Category: Virtual Network

Resource Type: Istio

Frameworks

GDPR
NIST-800-53
HIPAA

Detections

Analytics

Ensure large virtual services are split into multiple resources for Istio Virtual Services

LOW

Description

Remediation

Policy Details

Frameworks