Notification Controller could notify on security misconfigurations
pjbgf opened this issue · comments
Paulo Gomes commented
This issue tracks the spike on one of the CNCF Tag Security recommendations: Use notification controller for user/admin awareness of Flux configuration/misconfiguration in teams/slack.
Justification: Soft multi-tenancy security relies upon lockdown mode, however this is not enabled by default.
The scope here would be around security misconfigurations, such as not complying with some of the best practices (e.g. start-up flags).