Skip to main content

☑️ Prevent workload from using the default namespace

The namespace default is a saved namespace value in which Kubernetes is deploying all objects without an explicit namespace. Using explicit namespaces instead of the default value makes for clearer boundaries between sets of pods in a cluster. For example, namespaces that represent teams present a clear organization of cluster resources and make configuration overlaps less likely.

Targeted objects by this rule (types of kind): Deployment / Pod / DaemonSet / StatefulSet / ReplicaSet / CronJob / Job

Complexity: medium (What does this mean?)

Policy as code identifier: WORKLOAD_INCORRECT_NAMESPACE_VALUE_DEFAULT


This rule will fail

If a workload has default set as the namespace name

metadata:
namespace: default

Rule output in the CLI

$ datree test *.yaml

>> File: failExample.yaml
❌ Prevent workload from using the default namespace [1 occurrence]
💡 Incorrect value for key `namespace` - use an explicit namespace instead of the default one ("default")

How to fix this failure

metadata:
namespace: test

Read more