All Policies

Check Hourly RPO

K10 Policy resources can be educated to adhere to common Recovery Point Objective (RPO) best practices. This policy is advising to use an RPO frequency that with hourly granularity if it has the appPriority: Mission Critical

Policy Definition

/kasten/k10-hourly-rpo/k10-hourly-rpo.yaml

 1apiVersion: kyverno.io/v1
 2kind: ClusterPolicy
 3metadata:
 4  name: k10-policy-hourly-rpo
 5  annotations:
 6    policies.kyverno.io/title: Check Hourly RPO
 7    policies.kyverno.io/category: Kasten K10 by Veeam
 8    kyverno.io/kyverno-version: 1.6.2
 9    policies.kyverno.io/minversion: 1.6.2
10    kyverno.io/kubernetes-version: "1.21-1.22"
11    policies.kyverno.io/subject: Policy
12    policies.kyverno.io/description: >-
13      K10 Policy resources can be educated to adhere to common Recovery Point Objective (RPO) best practices. 
14      This policy is advising to use an RPO frequency that with hourly granularity if it has the appPriority: Mission Critical      
15spec:
16  validationFailureAction: audit  
17  rules:
18  - name: k10-policy-hourly-rpo
19    match:
20      any:
21      - resources:
22          kinds:
23          - config.kio.kasten.io/v1alpha1/Policy
24          selector:
25            matchLabels:
26              appPriority: Mission-Critical
27    validate:
28      message: "Mission Critical RPO frequency should use no shorter than @hourly frequency"
29      pattern:
30        spec:
31          frequency: '@hourly'  # In K10, this is checking Hourly at the action: backup level. By default, any action: export will use the action: backup frequency.
Create policy issue