☑️ Prevent Ingress from forwarding all traffic to a single container

Misconfiguring the ingress host can unintended forward all traffic to a single pod instead of leveraging the load balancing capabilities. By verifying that ingress traffic is targeted by multiple pods, you will achieve higher application availability because you won't be dependent upon a single pod to serve all ingress traffic.

Targeted resources by this rule (types of kind): Ingress

Enabled by default? True

Policy as code identifier: INGRESS_INCORRECT_HOST_VALUE_PERMISSIVE

This rule will fail

If only a wildcard character (`*`) is used to describe the targeted host

YAML

Rule output in the CLI

Terminal

How to fix this failure

YAML

Read more