default Istio outbound traffic mode usage
shireenf-ibm opened this issue · comments
- consider adding a warning when the default Istio outbound traffic mode (ALLOW_ANY) is used in the absence of sidecar resources (and it adds connectivity to dns peers for example)
- Should serviceEntry (dns) peers be excluded from analysis in certain cases? e.g.
kube-system
pods are generally not part of the istio mesh