Can I secure Prometheus/JMX monitoring Network Policies?


David Lynn <david.james.lynn@...>
 

Hi,

I am currently using strimzi with monitoring enabled. I am also using Network Policies to secure my cluster communication.

I have found a method to secure my listeners to allow specific sources to be accessed:

However Strimzi also creates network policies for the Prometheus/JMX ports, and I have been currently unable to see where I would specify the networkPolicyPeers required to restrict communication.

I believe I cannot add these to the listeners, as described in this comment:

Is there somewhere where I can add the Network Policy restrictions for port 9404 (Prometheus) and 9999 (JMX)?

Thanks,
David

Join cncf-strimzi-dev@lists.cncf.io to automatically receive all group messages.