Skip to content

Examples

This page provides example security policies for common CI/CD scenarios. Use these as starting points and customize them for your specific pipeline requirements.

Most examples below use "mode": "observe" so you can apply them safely and review violations without breaking builds. Once a policy reflects everything your pipeline legitimately does, switch it to "mode": "enforce" to actively block unauthorized operations.


Minimal Policies

Deny All (Default)

The most restrictive policy. When in enforce mode, all operations not explicitly permitted are denied. Use as a starting point to incrementally add only required permissions.

{
  "mode": "observe"
}

Derive Mode

Use derive mode to automatically generate a policy based on observed runtime behavior. Run your pipeline with this policy, then extract the derived policy from the build output.

{
  "mode": "derive"
}

Permit All

Allows all operations without restrictions. Useful for baseline testing or development environments where security enforcement is not required.

Not for Production: This policy permits all operations and provides no security value. Use only for testing or development purposes.
{
  "mode": "observe",
  "container": {
    "run": ["all"],
    "socket": ["all"]
  },
  "hook": {
    "ptrace": ["all"],
    "traceme": ["all"],
    "wx": ["all"],
    "preload": ["all"]
  },
  "ioctl": {
    "cmd": ["all"]
  },
  "ip": {
    "bind": ["all"],
    "connect": ["all"]
  },
  "kernel": {
    "ebpf": ["all"],
    "module": ["all"],
    "read": ["all"]
  },
  "mmap": {
    "file": ["all"]
  },
  "netlink": {
    "bind": ["all"]
  },
  "socket": {
    "packet": ["all"],
    "raw": ["all"],
    "inject": ["all"],
    "sniff": ["all"]
  },
  "path": {
    "create": ["all"],
    "delete": ["all"],
    "execute": ["all"],
    "link": ["all"],
    "mount": ["all"],
    "open": ["all"],
    "overwrite": ["all"],
    "write": ["all"],
    "quota": ["all"],
    "rename": ["all"],
    "symlink": ["all"],
    "pivot": ["all"],
    "chroot": ["all"]
  },
  "privilege": {
    "escalate": ["all"]
  },
  "sysv": {
    "shmem": ["all"],
    "msgqueue": ["all"]
  },
  "task": {
    "kill": ["all"],
    "rlimit": ["all"],
    "schedule": ["all"],
    "nice": ["all"],
    "pgroup": ["all"]
  },
  "unix": {
    "bind": ["all"],
    "connect": ["all"]
  },
  "vsock": {
    "bind": ["all"],
    "connect": ["all"]
  }
}

Node.js Application Build

A policy for building and testing a typical Node.js application with npm.

{
  "mode": "observe",
  "path": {
    "execute": [
      "all|{/bin,/usr/bin}/bash|all",
      "all|{/bin,/usr/bin}/node|all",
      "all|{/bin,/usr/bin}/npm|all",
      "all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv,grep,sed,awk}"
    ],
    "create": ["all"],
    "delete": ["all"],
    "open": ["all"],
    "write": ["all"]
  },
  "ip": {
    "connect": [
      "all|registry.npmjs.org|443",
      "all|www.npmjs.com|443",
      "all|github.com|443",
      "all|api.github.com|443"
    ]
  },
  "unix": {
    "connect": ["all"]
  },
  "hook": {
    "wx": [
      "{/bin,/usr/bin}/node"
    ]
  },
  "task": {
    "kill": ["all"],
    "pgroup": ["all"]
  },
  "ioctl": {
    "cmd": ["all"]
  }
}

Key policy decisions:

  • Execution: Allows bash, node, and npm to run workspace scripts and standard binaries
  • Network: Restricts outbound connections to npm registry and GitHub
  • Memory: Permits W+X memory for Node.js JIT compilation
  • Process management: Allows process termination and grouping for npm scripts

Python Application Build

A policy for building Python applications with pip and pytest.

{
  "mode": "observe",
  "path": {
    "execute": [
      "all|{/bin,/usr/bin}/bash|all",
      "all|{/bin,/usr/bin,/usr/local/bin}/{python,python3,python3.11,python3.12}|all",
      "all|{/bin,/usr/bin,/usr/local/bin}/{pip,pip3}|all",
      "all|{/bin,/usr/bin,/usr/local/bin}/pytest|all",
      "all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv,grep,sed,awk}"
    ],
    "create": ["all"],
    "delete": ["all"],
    "open": ["all"],
    "write": ["all"]
  },
  "ip": {
    "connect": [
      "all|pypi.org|443",
      "all|files.pythonhosted.org|443"
    ]
  },
  "unix": {
    "connect": ["all"]
  },
  "hook": {
    "wx": [
      "{/bin,/usr/bin,/usr/local/bin}/{python,python3,python3.11,python3.12}"
    ]
  },
  "task": {
    "kill": ["all"],
    "pgroup": ["all"]
  },
  "ioctl": {
    "cmd": ["all"]
  }
}

Go Application Build

A policy for building Go applications.

{
  "mode": "observe",
  "path": {
    "execute": [
      "all|{/bin,/usr/bin}/bash|all",
      "all|/usr/local/go/bin/go|all",
      "all|all|/usr/local/go/bin/{go,gofmt,compile,link,asm}"
    ],
    "create": ["all"],
    "delete": ["all"],
    "open": ["all"],
    "write": ["all"]
  },
  "ip": {
    "connect": [
      "all|proxy.golang.org|443",
      "all|sum.golang.org|443",
      "all|github.com|443",
      "all|storage.googleapis.com|443"
    ]
  },
  "unix": {
    "connect": ["all"]
  },
  "task": {
    "kill": ["all"],
    "pgroup": ["all"]
  },
  "ioctl": {
    "cmd": ["all"]
  }
}

Key policy decisions:

  • Network: Restricts to Go module proxy, checksum database, and GitHub
  • No W+X: Go binaries are statically compiled and do not require JIT

Java/Maven Build

A policy for building Java applications with Maven.

{
  "mode": "observe",
  "path": {
    "execute": [
      "all|{/bin,/usr/bin}/bash|all",
      "all|{/bin,/usr/bin}/java|all",
      "all|{/bin,/usr/bin}/mvn|all",
      "all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
    ],
    "create": ["all"],
    "delete": ["all"],
    "open": ["all"],
    "write": ["all"]
  },
  "ip": {
    "connect": [
      "all|repo.maven.apache.org|443",
      "all|repo1.maven.org|443",
      "all|central.sonatype.com|443"
    ]
  },
  "unix": {
    "connect": ["all"]
  },
  "hook": {
    "wx": [
      "{/bin,/usr/bin}/java"
    ]
  },
  "task": {
    "kill": ["all"],
    "pgroup": ["all"]
  },
  "ioctl": {
    "cmd": ["all"]
  }
}

Rust/Cargo Build

A policy for building Rust applications with Cargo.

{
  "mode": "observe",
  "path": {
    "execute": [
      "all|{/bin,/usr/bin}/bash|all",
      "all|{/usr/bin,/usr/local/bin}/cargo|all",
      "all|{/usr/bin,/usr/local/bin}/rustc|all",
      "all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
    ],
    "create": ["all"],
    "delete": ["all"],
    "open": ["all"],
    "write": ["all"]
  },
  "ip": {
    "connect": [
      "all|crates.io|443",
      "all|static.crates.io|443",
      "all|static.rust-lang.org|443",
      "all|github.com|443"
    ]
  },
  "unix": {
    "connect": ["all"]
  },
  "task": {
    "kill": ["all"],
    "pgroup": ["all"]
  },
  "ioctl": {
    "cmd": ["all"]
  }
}

Docker Build Pipeline

A policy for pipelines that build and push Docker images.

{
  "mode": "observe",
  "container": {
    "run": [
      "docker.io/library/node|all",
      "gcr.io/myproject/myapp|all"
    ]
  },
  "path": {
    "execute": [
      "all|{/bin,/usr/bin}/bash|all",
      "all|/usr/bin/docker|all",
      "all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
    ],
    "create": ["all"],
    "delete": ["all"],
    "open": ["all"],
    "write": ["all"],
    "pivot": [
      "/usr/bin/runc|all|all"
    ]
  },
  "ip": {
    "connect": [
      "all|registry-1.docker.io|443",
      "all|auth.docker.io|443",
      "all|gcr.io|443"
    ]
  },
  "unix": {
    "connect": [
      "all|/var/run/docker.sock"
    ]
  },
  "netlink": {
    "bind": ["all"]
  },
  "task": {
    "kill": ["all"],
    "pgroup": ["all"]
  },
  "ioctl": {
    "cmd": ["all"]
  }
}

Key policy decisions:

  • Container images: Restricts to Docker Hub and Google Container Registry
  • Docker socket: Allows access to the Docker daemon socket
  • pivot_root: Required for container runtime operations
  • Network: Restricted to container registries

Kubernetes Deployment Pipeline

A policy for pipelines that deploy to Kubernetes clusters.

{
  "mode": "observe",
  "path": {
    "execute": [
      "all|{/bin,/usr/bin}/bash|all",
      "all|{/usr/bin,/usr/local/bin}/kubectl|all",
      "all|{/usr/bin,/usr/local/bin}/helm|all",
      "all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
    ],
    "create": ["all"],
    "delete": ["all"],
    "open": ["all"],
    "write": ["all"]
  },
  "ip": {
    "connect": [
      "all|eks.amazonaws.com|443",
      "all|azmk8s.io|443",
      "all|container.googleapis.com|443",
      "all|kubernetes.default.svc|443",
      "all|10.0.0.0/8|443",
      "all|172.16.0.0/12|443",
      "all|192.168.0.0/16|443"
    ]
  },
  "unix": {
    "connect": ["all"]
  },
  "task": {
    "kill": ["all"],
    "pgroup": ["all"]
  },
  "ioctl": {
    "cmd": ["all"]
  }
}

Key policy decisions:

  • Tools: Allows kubectl and helm execution
  • Network: Permits connections to common cloud Kubernetes endpoints and private network ranges

Terraform Infrastructure Pipeline

A policy for infrastructure-as-code pipelines using Terraform.

{
  "mode": "observe",
  "path": {
    "execute": [
      "all|{/bin,/usr/bin}/bash|all",
      "all|{/usr/bin,/usr/local/bin}/terraform|all",
      "all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
    ],
    "create": ["all"],
    "delete": ["all"],
    "open": ["all"],
    "write": ["all"]
  },
  "ip": {
    "connect": [
      "all|releases.hashicorp.com|443",
      "all|registry.terraform.io|443",
      "all|sts.amazonaws.com|443",
      "all|management.azure.com|443",
      "all|storage.googleapis.com|443",
      "all|login.microsoftonline.com|443"
    ]
  },
  "unix": {
    "connect": ["all"]
  },
  "task": {
    "kill": ["all"],
    "pgroup": ["all"]
  },
  "ioctl": {
    "cmd": ["all"]
  }
}

Security Scanning Pipeline

A policy for pipelines that run security scanning tools.

{
  "mode": "observe",
  "path": {
    "execute": [
      "all|{/bin,/usr/bin}/bash|all",
      "all|/usr/bin/trivy|all",
      "all|/usr/bin/grype|all",
      "all|/usr/bin/semgrep|all",
      "all|/usr/bin/snyk|all",
      "all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
    ],
    "create": ["all"],
    "delete": ["all"],
    "open": ["all"],
    "write": ["all"]
  },
  "ip": {
    "connect": [
      "all|ghcr.io|443",
      "all|api.snyk.io|443",
      "all|semgrep.dev|443",
      "all|toolbox.anchore.io|443",
      "all|github.com|443"
    ]
  },
  "unix": {
    "connect": ["all"]
  },
  "hook": {
    "wx": [
      "{/bin,/usr/bin}/{python,python3,python3.11,python3.12}",
      "{/bin,/usr/bin}/node"
    ]
  },
  "task": {
    "kill": ["all"],
    "pgroup": ["all"]
  },
  "ioctl": {
    "cmd": ["all"]
  }
}

Database Migration Pipeline

A policy for pipelines that run database migrations.

{
  "mode": "observe",
  "path": {
    "execute": [
      "all|{/bin,/usr/bin}/bash|all",
      "all|/usr/bin/psql|all",
      "all|/usr/bin/mysql|all",
      "all|{/usr/bin,/usr/local/bin}/flyway|all",
      "all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
    ],
    "create": ["all"],
    "delete": ["all"],
    "open": ["all"],
    "write": ["all"]
  },
  "ip": {
    "connect": [
      "all|10.0.0.0/8|{5432,3306}",
      "all|172.16.0.0/12|{5432,3306}",
      "all|192.168.0.0/16|{5432,3306}",
      "all|mydb.cluster-xyz.us-east-1.rds.amazonaws.com|{5432,3306}",
      "all|mydb.postgres.database.azure.com|{5432,3306}",
      "all|myproject:us-central1:myinstance|{5432,3306}"
    ]
  },
  "unix": {
    "connect": [
      "all|/var/run/postgresql/.s.PGSQL.5432",
      "all|/var/run/mysqld/mysqld.sock"
    ]
  },
  "task": {
    "kill": ["all"],
    "pgroup": ["all"]
  },
  "ioctl": {
    "cmd": ["all"]
  }
}

Key policy decisions:

  • Database tools: Allows psql, mysql, and Flyway
  • Network: Restricts to private networks and cloud database endpoints on standard ports
  • Unix sockets: Permits connections to local database sockets

High-Security Production Build

A maximally restrictive policy for sensitive production builds. This example demonstrates granular control over file system operations.

{
  "mode": "enforce",
  "path": {
    "execute": [
      "all|/bin/bash|%workspace%/build.sh",
      "all|/usr/bin/make|%workspace%/Makefile",
      "/bin/bash|/usr/bin/gcc|%workspace%/src/main.c",
      "/bin/bash|/usr/bin/g++|%workspace%/src/main.cpp",
      "all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,mv,rm}"
    ],
    "create": [
      "{/bin,/usr/bin}/{mkdir,touch}|%workspace%",
      "/usr/bin/{gcc,g++,make}|%workspace%/build"
    ],
    "delete": [
      "{/bin,/usr/bin}/rm|%workspace%/build",
      "/usr/bin/make|%workspace%/build"
    ],
    "open": [
      "{/bin,/usr/bin}/{bash,cat}|%workspace%",
      "/usr/bin/{gcc,g++,make}|%workspace%",
      "/usr/bin/{gcc,g++}|{/usr/include,/usr/lib}"
    ],
    "write": [
      "/usr/bin/{gcc,g++}|%workspace%/build",
      "/usr/bin/make|%workspace%/build"
    ]
  },
  "ip": {
    "connect": []
  },
  "unix": {
    "connect": [
      "all|/run/endura/sensor.sock"
    ]
  },
  "task": {
    "kill": [
      "/bin/bash|/bin/bash",
      "/usr/bin/make|all"
    ],
    "pgroup": [
      "/bin/bash|/bin/bash"
    ]
  },
  "ioctl": {
    "cmd": [
      "all|/dev/tty|all",
      "all|/dev/null|all"
    ]
  }
}

Key policy decisions:

  • Mode: Set to enforce for active blocking
  • Execution: Limited to specific build scripts and compilers
  • File creation/deletion: Only build tools can modify the workspace build directory
  • File reads: Compilers can only read source files and system headers
  • File writes: Only compilers and make can write to the build output directory
  • Network: No outbound connections permitted (air-gapped build)
  • Process control: Highly restricted kill and pgroup operations

Granular File System Policies

The path.create, path.delete, path.link, path.open, path.overwrite, path.symlink, and path.write operations support granular process_path|target_path rules. The path.mount and path.rename operations use a three-part process_path|source|target format for additional specificity. This allows you to restrict which processes can perform file operations and where.

Transitioning from all to Specific Rules

Permissive (starter policy):

"path": {
  "create": ["all"],
  "delete": ["all"],
  "link": ["all"],
  "mount": ["all"],
  "open": ["all"],
  "overwrite": ["all"],
  "rename": ["all"],
  "symlink": ["all"],
  "write": ["all"]
}

Restrictive (production policy):

"path": {
  "create": [
    "{/bin,/usr/bin}/{mkdir,touch}|%workspace%",
    "/usr/bin/npm|%workspace%/node_modules"
  ],
  "delete": [
    "{/bin,/usr/bin}/rm|%workspace%",
    "/usr/bin/npm|%workspace%/node_modules"
  ],
  "link": [
    "/usr/bin/cp|%workspace%"
  ],
  "mount": [],
  "open": [
    "all|%workspace%",
    "all|{/usr/lib,/lib,/etc}",
    "/usr/bin/node|/usr/share/nodejs"
  ],
  "overwrite": [
    "/usr/bin/npm|%workspace%/node_modules",
    "/usr/bin/node|%workspace%/build"
  ],
  "rename": [
    "/bin/mv|%workspace%|%workspace%",
    "/usr/bin/npm|%workspace%/node_modules|%workspace%/node_modules"
  ],
  "symlink": [
    "/usr/bin/npm|%workspace%/node_modules",
    "{/bin,/usr/bin}/ln|%workspace%"
  ],
  "write": [
    "/usr/bin/npm|%workspace%/node_modules",
    "/usr/bin/node|%workspace%/build",
    "all|/tmp"
  ]
}

Kernel Module Restrictions

For workloads that require kernel module loading, you can restrict which modules are allowed:

"kernel": {
  "module": [
    "/sbin/modprobe|overlay",
    "/usr/bin/runc|overlay",
    "/usr/sbin/ip|{dummy,veth}"
  ]
}

Container Socket Access

Restrict which container images can access the Docker/Podman socket:

"container": {
  "socket": [
    "docker.io/docker|24",
    "gcr.io/kaniko-project/executor|all"
  ]
}

Policy Refinement Tips

After deriving an initial policy, apply these refinement techniques:

Consolidate Port Lists

Before:

"ip": {
  "connect": [
    "/usr/bin/curl|api.example.com|80",
    "/usr/bin/curl|api.example.com|443",
    "/usr/bin/curl|api.example.com|8080"
  ]
}

After:

"ip": {
  "connect": [
    "/usr/bin/curl|api.example.com|{80,443,8080}"
  ]
}

Combine Similar Scripts

Before:

"path": {
  "execute": [
    "all|/bin/bash|%workspace%/scripts/build.sh",
    "all|/bin/bash|%workspace%/scripts/test.sh",
    "all|/bin/bash|%workspace%/scripts/deploy.sh"
  ]
}

After:

"path": {
  "execute": [
    "all|/bin/bash|%workspace%/scripts/{build,test,deploy}.sh"
  ]
}

Combine Binary Locations

Before:

"path": {
  "execute": [
    "all|/bin/node|all",
    "all|/usr/bin/node|all",
    "all|/usr/local/bin/node|all"
  ]
}

After:

"path": {
  "execute": [
    "all|{/bin,/usr/bin,/usr/local/bin}/node|all"
  ]
}

Use CIDR for IP Ranges

Before:

"ip": {
  "connect": [
    "all|192.168.1.1|443",
    "all|192.168.1.2|443",
    "all|192.168.1.3|443"
  ]
}

After:

"ip": {
  "connect": [
    "all|192.168.1.0/24|443"
  ]
}