Ensure Alibaba Cloud Kubernetes installs plugin Terway or Flannel to support standard policies

Error: Alibaba Cloud Kubernetes does not install plugin Terway or Flannel to support standard policies

Bridgecrew Policy ID: BC_ALI_KUBERNETES_1
Checkov Check ID: CKV_ALI_26
Severity: LOW

Alibaba Cloud Kubernetes does not install plugin Terway or Flannel to support standard policies

Description

Fix - Buildtime - Terraform

resource "alicloud_cs_kubernetes" "pass" {
  worker_number         = 4
  worker_vswitch_ids    = ["vsw-id1", "vsw-id1", "vsw-id3"]
  master_vswitch_ids    = ["vsw-id1", "vsw-id1", "vsw-id3"]
  master_instance_types = ["ecs.n4.small", "ecs.sn1ne.xlarge", "ecs.n4.xlarge"]
  worker_instance_types = ["ecs.n4.small", "ecs.sn1ne.xlarge", "ecs.n4.xlarge"]

  addons {
    config = ""
    name   = "terway-eniip"
  }

  pod_vswitch_ids = ["vsw-id4"]
}

# array of addons
resource "alicloud_cs_kubernetes" "pass2" {
  worker_number         = 4
  worker_vswitch_ids    = ["vsw-id1", "vsw-id1", "vsw-id3"]
  master_vswitch_ids    = ["vsw-id1", "vsw-id1", "vsw-id3"]
  master_instance_types = ["ecs.n4.small", "ecs.sn1ne.xlarge", "ecs.n4.xlarge"]
  worker_instance_types = ["ecs.n4.small", "ecs.sn1ne.xlarge", "ecs.n4.xlarge"]

  addons {
    config = ""
    name   = "flannel"
  }

  addons {
    name   = "csi-plugin"
    config = ""
  }

  pod_cidr = "10.0.1.0/16"
}

Updated 6 days ago