This chapter documents the policy language used to configure network policies in Cilium. Security policies can be specified and imported via the following mechanisms:
Using Kubernetes NetworkPolicy, CiliumNetworkPolicy and CiliumClusterwideNetworkPolicy resources. See the section Network Policy for more details. In this mode, Kubernetes will automatically distribute the policies to all agents.
Directly imported into the agent via CLI or API Reference of the agent. This method does not automatically distribute policies to all agents. It is in the responsibility of the user to import the policy in all required agents.
- Policy Enforcement Modes
- Rule Basics
- Layer 3 Examples
- Layer 4 Examples
- Layer 7 Examples
- Deny Policies
- Host Policies
- Using Kubernetes Constructs in Policy
- Endpoint Lifecycle