Ensure Network Policy is Enabled

An XCCDF Rule

Description

Use Network Policy to restrict pod to pod traffic within a cluster and segregate workloads.

Rationale

By default, all pod-to-pod traffic within a cluster is allowed. Network Policy creates a pod-level firewall that can be used to restrict traffic between sources. Pod traffic is restricted by having a Network Policy that selects it (through the use of labels). Once there is any Network Policy in a namespace selecting a particular pod, that pod will reject any connections that are not allowed by any Network Policy. Other pods in the namespace that are not selected by any Network Policy will continue to accept all traffic. Network Policies are managed via the Kubernetes Network Policy API and enforced by a network plugin; simply creating the resource without a compatible network plugin to implement it will have no effect. EKS supports Network Policy enforcement through the use of Calico.
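The selection rule above (a pod is isolated only once some Network Policy in its namespace selects it; unselected pods keep accepting everything) can be checked against the API objects of a namespace. The following is an added example, not part of this rule or of ComplianceAsCode; the Pod and NetworkPolicy objects are constructed here to mimic the Kubernetes API shape, and it evaluates only the objects, not whether a compatible network plugin is actually enforcing them.

```python
# Added example (not from the ComplianceAsCode rule): given the NetworkPolicy and
# Pod objects of one namespace (constructed below to mimic the Kubernetes API
# shape), report which pods are isolated (selected by at least one policy, so they
# reject traffic no policy allows) and which still accept all traffic.
from typing import Dict, List


def selector_matches(selector: Dict, labels: Dict[str, str]) -> bool:
    """Evaluate a Kubernetes label selector (matchLabels + matchExpressions).
    An empty selector ({}) matches every pod in the namespace."""
    for key, value in selector.get("matchLabels", {}).items():
        if labels.get(key) != value:
            return False
    for expr in selector.get("matchExpressions", []):
        key, op, values = expr["key"], expr["operator"], expr.get("values", [])
        present = key in labels
        if op == "In" and not (present and labels[key] in values):
            return False
        if op == "NotIn" and present and labels[key] in values:
            return False
        if op == "Exists" and not present:
            return False
        if op == "DoesNotExist" and present:
            return False
    return True


def isolation_report(pods: List[Dict], policies: List[Dict]) -> Dict[str, List[str]]:
    """Map each pod name to the names of the NetworkPolicies that select it.
    An empty list means the pod is not isolated and accepts all traffic."""
    report = {}
    for pod in pods:
        labels = pod["metadata"].get("labels", {})
        report[pod["metadata"]["name"]] = [
            pol["metadata"]["name"] for pol in policies
            if selector_matches(pol["spec"].get("podSelector", {}), labels)
        ]
    return report


# Constructed sample objects for one namespace (not real cluster data).
PODS = [
    {"metadata": {"name": "web", "labels": {"app": "web", "tier": "frontend"}}},
    {"metadata": {"name": "db", "labels": {"app": "db", "tier": "backend"}}},
    {"metadata": {"name": "debug", "labels": {}}},
]
POLICIES = [
    {"metadata": {"name": "db-allow-web"},
     "spec": {"podSelector": {"matchLabels": {"app": "db"}},
              "ingress": [{"from": [{"podSelector": {"matchLabels": {"app": "web"}}}]}]}},
    {"metadata": {"name": "frontend-isolate"},
     "spec": {"podSelector": {"matchExpressions": [{"key": "tier", "operator": "In", "values": ["frontend"]}]}}},
]

if __name__ == "__main__":
    for name, selected_by in isolation_report(PODS, POLICIES).items():
        print(name, "isolated by " + ", ".join(selected_by) if selected_by else "NOT isolated (accepts all traffic)")
```

The unlabelled `debug` pod is reported as not isolated, which is the gap a namespace-wide default-deny policy (an empty `podSelector`, matching every pod) closes.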

ID
xccdf_org.ssgproject.content_rule_configure_network_policy
Severity
Unknown
References
Updated