Examples
This page provides example security policies for common CI/CD scenarios. Use these as starting points and customize them for your specific pipeline requirements.
Most examples below use "mode": "observe" so you can apply them safely and review violations without breaking builds. Once a policy reflects everything your pipeline legitimately does, switch it to "mode": "enforce" to actively block unauthorized operations.
Minimal Policies
Deny All (Default)
The most restrictive policy. When in enforce mode, all operations not explicitly permitted are denied. Use as a starting point to incrementally add only required permissions.
{
"mode": "observe"
}Derive Mode
Use derive mode to automatically generate a policy based on observed runtime behavior. Run your pipeline with this policy, then extract the derived policy from the build output.
{
"mode": "derive"
}Permit All
Allows all operations without restrictions. Useful for baseline testing or development environments where security enforcement is not required.
{
"mode": "observe",
"container": {
"run": ["all"],
"socket": ["all"]
},
"hook": {
"ptrace": ["all"],
"traceme": ["all"],
"wx": ["all"],
"preload": ["all"]
},
"ioctl": {
"cmd": ["all"]
},
"ip": {
"bind": ["all"],
"connect": ["all"]
},
"kernel": {
"ebpf": ["all"],
"module": ["all"],
"read": ["all"]
},
"mmap": {
"file": ["all"]
},
"netlink": {
"bind": ["all"]
},
"socket": {
"packet": ["all"],
"raw": ["all"],
"inject": ["all"],
"sniff": ["all"]
},
"path": {
"create": ["all"],
"delete": ["all"],
"execute": ["all"],
"link": ["all"],
"mount": ["all"],
"open": ["all"],
"overwrite": ["all"],
"write": ["all"],
"quota": ["all"],
"rename": ["all"],
"symlink": ["all"],
"pivot": ["all"],
"chroot": ["all"]
},
"privilege": {
"escalate": ["all"]
},
"sysv": {
"shmem": ["all"],
"msgqueue": ["all"]
},
"task": {
"kill": ["all"],
"rlimit": ["all"],
"schedule": ["all"],
"nice": ["all"],
"pgroup": ["all"]
},
"unix": {
"bind": ["all"],
"connect": ["all"]
},
"vsock": {
"bind": ["all"],
"connect": ["all"]
}
}Node.js Application Build
A policy for building and testing a typical Node.js application with npm.
{
"mode": "observe",
"path": {
"execute": [
"all|{/bin,/usr/bin}/bash|all",
"all|{/bin,/usr/bin}/node|all",
"all|{/bin,/usr/bin}/npm|all",
"all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv,grep,sed,awk}"
],
"create": ["all"],
"delete": ["all"],
"open": ["all"],
"write": ["all"]
},
"ip": {
"connect": [
"all|registry.npmjs.org|443",
"all|www.npmjs.com|443",
"all|github.com|443",
"all|api.github.com|443"
]
},
"unix": {
"connect": ["all"]
},
"hook": {
"wx": [
"{/bin,/usr/bin}/node"
]
},
"task": {
"kill": ["all"],
"pgroup": ["all"]
},
"ioctl": {
"cmd": ["all"]
}
}Key policy decisions:
- Execution: Allows bash, node, and npm to run workspace scripts and standard binaries
- Network: Restricts outbound connections to npm registry and GitHub
- Memory: Permits W+X memory for Node.js JIT compilation
- Process management: Allows process termination and grouping for npm scripts
Python Application Build
A policy for building Python applications with pip and pytest.
{
"mode": "observe",
"path": {
"execute": [
"all|{/bin,/usr/bin}/bash|all",
"all|{/bin,/usr/bin,/usr/local/bin}/{python,python3,python3.11,python3.12}|all",
"all|{/bin,/usr/bin,/usr/local/bin}/{pip,pip3}|all",
"all|{/bin,/usr/bin,/usr/local/bin}/pytest|all",
"all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv,grep,sed,awk}"
],
"create": ["all"],
"delete": ["all"],
"open": ["all"],
"write": ["all"]
},
"ip": {
"connect": [
"all|pypi.org|443",
"all|files.pythonhosted.org|443"
]
},
"unix": {
"connect": ["all"]
},
"hook": {
"wx": [
"{/bin,/usr/bin,/usr/local/bin}/{python,python3,python3.11,python3.12}"
]
},
"task": {
"kill": ["all"],
"pgroup": ["all"]
},
"ioctl": {
"cmd": ["all"]
}
}Go Application Build
A policy for building Go applications.
{
"mode": "observe",
"path": {
"execute": [
"all|{/bin,/usr/bin}/bash|all",
"all|/usr/local/go/bin/go|all",
"all|all|/usr/local/go/bin/{go,gofmt,compile,link,asm}"
],
"create": ["all"],
"delete": ["all"],
"open": ["all"],
"write": ["all"]
},
"ip": {
"connect": [
"all|proxy.golang.org|443",
"all|sum.golang.org|443",
"all|github.com|443",
"all|storage.googleapis.com|443"
]
},
"unix": {
"connect": ["all"]
},
"task": {
"kill": ["all"],
"pgroup": ["all"]
},
"ioctl": {
"cmd": ["all"]
}
}Key policy decisions:
- Network: Restricts to Go module proxy, checksum database, and GitHub
- No W+X: Go binaries are statically compiled and do not require JIT
Java/Maven Build
A policy for building Java applications with Maven.
{
"mode": "observe",
"path": {
"execute": [
"all|{/bin,/usr/bin}/bash|all",
"all|{/bin,/usr/bin}/java|all",
"all|{/bin,/usr/bin}/mvn|all",
"all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
],
"create": ["all"],
"delete": ["all"],
"open": ["all"],
"write": ["all"]
},
"ip": {
"connect": [
"all|repo.maven.apache.org|443",
"all|repo1.maven.org|443",
"all|central.sonatype.com|443"
]
},
"unix": {
"connect": ["all"]
},
"hook": {
"wx": [
"{/bin,/usr/bin}/java"
]
},
"task": {
"kill": ["all"],
"pgroup": ["all"]
},
"ioctl": {
"cmd": ["all"]
}
}Rust/Cargo Build
A policy for building Rust applications with Cargo.
{
"mode": "observe",
"path": {
"execute": [
"all|{/bin,/usr/bin}/bash|all",
"all|{/usr/bin,/usr/local/bin}/cargo|all",
"all|{/usr/bin,/usr/local/bin}/rustc|all",
"all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
],
"create": ["all"],
"delete": ["all"],
"open": ["all"],
"write": ["all"]
},
"ip": {
"connect": [
"all|crates.io|443",
"all|static.crates.io|443",
"all|static.rust-lang.org|443",
"all|github.com|443"
]
},
"unix": {
"connect": ["all"]
},
"task": {
"kill": ["all"],
"pgroup": ["all"]
},
"ioctl": {
"cmd": ["all"]
}
}Docker Build Pipeline
A policy for pipelines that build and push Docker images.
{
"mode": "observe",
"container": {
"run": [
"docker.io/library/node|all",
"gcr.io/myproject/myapp|all"
]
},
"path": {
"execute": [
"all|{/bin,/usr/bin}/bash|all",
"all|/usr/bin/docker|all",
"all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
],
"create": ["all"],
"delete": ["all"],
"open": ["all"],
"write": ["all"],
"pivot": [
"/usr/bin/runc|all|all"
]
},
"ip": {
"connect": [
"all|registry-1.docker.io|443",
"all|auth.docker.io|443",
"all|gcr.io|443"
]
},
"unix": {
"connect": [
"all|/var/run/docker.sock"
]
},
"netlink": {
"bind": ["all"]
},
"task": {
"kill": ["all"],
"pgroup": ["all"]
},
"ioctl": {
"cmd": ["all"]
}
}Key policy decisions:
- Container images: Restricts to Docker Hub and Google Container Registry
- Docker socket: Allows access to the Docker daemon socket
- pivot_root: Required for container runtime operations
- Network: Restricted to container registries
Kubernetes Deployment Pipeline
A policy for pipelines that deploy to Kubernetes clusters.
{
"mode": "observe",
"path": {
"execute": [
"all|{/bin,/usr/bin}/bash|all",
"all|{/usr/bin,/usr/local/bin}/kubectl|all",
"all|{/usr/bin,/usr/local/bin}/helm|all",
"all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
],
"create": ["all"],
"delete": ["all"],
"open": ["all"],
"write": ["all"]
},
"ip": {
"connect": [
"all|eks.amazonaws.com|443",
"all|azmk8s.io|443",
"all|container.googleapis.com|443",
"all|kubernetes.default.svc|443",
"all|10.0.0.0/8|443",
"all|172.16.0.0/12|443",
"all|192.168.0.0/16|443"
]
},
"unix": {
"connect": ["all"]
},
"task": {
"kill": ["all"],
"pgroup": ["all"]
},
"ioctl": {
"cmd": ["all"]
}
}Key policy decisions:
- Tools: Allows kubectl and helm execution
- Network: Permits connections to common cloud Kubernetes endpoints and private network ranges
Terraform Infrastructure Pipeline
A policy for infrastructure-as-code pipelines using Terraform.
{
"mode": "observe",
"path": {
"execute": [
"all|{/bin,/usr/bin}/bash|all",
"all|{/usr/bin,/usr/local/bin}/terraform|all",
"all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
],
"create": ["all"],
"delete": ["all"],
"open": ["all"],
"write": ["all"]
},
"ip": {
"connect": [
"all|releases.hashicorp.com|443",
"all|registry.terraform.io|443",
"all|sts.amazonaws.com|443",
"all|management.azure.com|443",
"all|storage.googleapis.com|443",
"all|login.microsoftonline.com|443"
]
},
"unix": {
"connect": ["all"]
},
"task": {
"kill": ["all"],
"pgroup": ["all"]
},
"ioctl": {
"cmd": ["all"]
}
}Security Scanning Pipeline
A policy for pipelines that run security scanning tools.
{
"mode": "observe",
"path": {
"execute": [
"all|{/bin,/usr/bin}/bash|all",
"all|/usr/bin/trivy|all",
"all|/usr/bin/grype|all",
"all|/usr/bin/semgrep|all",
"all|/usr/bin/snyk|all",
"all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
],
"create": ["all"],
"delete": ["all"],
"open": ["all"],
"write": ["all"]
},
"ip": {
"connect": [
"all|ghcr.io|443",
"all|api.snyk.io|443",
"all|semgrep.dev|443",
"all|toolbox.anchore.io|443",
"all|github.com|443"
]
},
"unix": {
"connect": ["all"]
},
"hook": {
"wx": [
"{/bin,/usr/bin}/{python,python3,python3.11,python3.12}",
"{/bin,/usr/bin}/node"
]
},
"task": {
"kill": ["all"],
"pgroup": ["all"]
},
"ioctl": {
"cmd": ["all"]
}
}Database Migration Pipeline
A policy for pipelines that run database migrations.
{
"mode": "observe",
"path": {
"execute": [
"all|{/bin,/usr/bin}/bash|all",
"all|/usr/bin/psql|all",
"all|/usr/bin/mysql|all",
"all|{/usr/bin,/usr/local/bin}/flyway|all",
"all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,rm,mv}"
],
"create": ["all"],
"delete": ["all"],
"open": ["all"],
"write": ["all"]
},
"ip": {
"connect": [
"all|10.0.0.0/8|{5432,3306}",
"all|172.16.0.0/12|{5432,3306}",
"all|192.168.0.0/16|{5432,3306}",
"all|mydb.cluster-xyz.us-east-1.rds.amazonaws.com|{5432,3306}",
"all|mydb.postgres.database.azure.com|{5432,3306}",
"all|myproject:us-central1:myinstance|{5432,3306}"
]
},
"unix": {
"connect": [
"all|/var/run/postgresql/.s.PGSQL.5432",
"all|/var/run/mysqld/mysqld.sock"
]
},
"task": {
"kill": ["all"],
"pgroup": ["all"]
},
"ioctl": {
"cmd": ["all"]
}
}Key policy decisions:
- Database tools: Allows psql, mysql, and Flyway
- Network: Restricts to private networks and cloud database endpoints on standard ports
- Unix sockets: Permits connections to local database sockets
High-Security Production Build
A maximally restrictive policy for sensitive production builds. This example demonstrates granular control over file system operations.
{
"mode": "enforce",
"path": {
"execute": [
"all|/bin/bash|%workspace%/build.sh",
"all|/usr/bin/make|%workspace%/Makefile",
"/bin/bash|/usr/bin/gcc|%workspace%/src/main.c",
"/bin/bash|/usr/bin/g++|%workspace%/src/main.cpp",
"all|all|{/bin,/usr/bin}/{ls,cat,mkdir,cp,mv,rm}"
],
"create": [
"{/bin,/usr/bin}/{mkdir,touch}|%workspace%",
"/usr/bin/{gcc,g++,make}|%workspace%/build"
],
"delete": [
"{/bin,/usr/bin}/rm|%workspace%/build",
"/usr/bin/make|%workspace%/build"
],
"open": [
"{/bin,/usr/bin}/{bash,cat}|%workspace%",
"/usr/bin/{gcc,g++,make}|%workspace%",
"/usr/bin/{gcc,g++}|{/usr/include,/usr/lib}"
],
"write": [
"/usr/bin/{gcc,g++}|%workspace%/build",
"/usr/bin/make|%workspace%/build"
]
},
"ip": {
"connect": []
},
"unix": {
"connect": [
"all|/run/endura/sensor.sock"
]
},
"task": {
"kill": [
"/bin/bash|/bin/bash",
"/usr/bin/make|all"
],
"pgroup": [
"/bin/bash|/bin/bash"
]
},
"ioctl": {
"cmd": [
"all|/dev/tty|all",
"all|/dev/null|all"
]
}
}Key policy decisions:
- Mode: Set to
enforcefor active blocking - Execution: Limited to specific build scripts and compilers
- File creation/deletion: Only build tools can modify the workspace build directory
- File reads: Compilers can only read source files and system headers
- File writes: Only compilers and make can write to the build output directory
- Network: No outbound connections permitted (air-gapped build)
- Process control: Highly restricted kill and pgroup operations
Granular File System Policies
The path.create, path.delete, path.link, path.open, path.overwrite, path.symlink, and path.write operations support granular process_path|target_path rules. The path.mount and path.rename operations use a three-part process_path|source|target format for additional specificity. This allows you to restrict which processes can perform file operations and where.
Transitioning from all to Specific Rules
Permissive (starter policy):
"path": {
"create": ["all"],
"delete": ["all"],
"link": ["all"],
"mount": ["all"],
"open": ["all"],
"overwrite": ["all"],
"rename": ["all"],
"symlink": ["all"],
"write": ["all"]
}Restrictive (production policy):
"path": {
"create": [
"{/bin,/usr/bin}/{mkdir,touch}|%workspace%",
"/usr/bin/npm|%workspace%/node_modules"
],
"delete": [
"{/bin,/usr/bin}/rm|%workspace%",
"/usr/bin/npm|%workspace%/node_modules"
],
"link": [
"/usr/bin/cp|%workspace%"
],
"mount": [],
"open": [
"all|%workspace%",
"all|{/usr/lib,/lib,/etc}",
"/usr/bin/node|/usr/share/nodejs"
],
"overwrite": [
"/usr/bin/npm|%workspace%/node_modules",
"/usr/bin/node|%workspace%/build"
],
"rename": [
"/bin/mv|%workspace%|%workspace%",
"/usr/bin/npm|%workspace%/node_modules|%workspace%/node_modules"
],
"symlink": [
"/usr/bin/npm|%workspace%/node_modules",
"{/bin,/usr/bin}/ln|%workspace%"
],
"write": [
"/usr/bin/npm|%workspace%/node_modules",
"/usr/bin/node|%workspace%/build",
"all|/tmp"
]
}Kernel Module Restrictions
For workloads that require kernel module loading, you can restrict which modules are allowed:
"kernel": {
"module": [
"/sbin/modprobe|overlay",
"/usr/bin/runc|overlay",
"/usr/sbin/ip|{dummy,veth}"
]
}Container Socket Access
Restrict which container images can access the Docker/Podman socket:
"container": {
"socket": [
"docker.io/docker|24",
"gcr.io/kaniko-project/executor|all"
]
}Policy Refinement Tips
After deriving an initial policy, apply these refinement techniques:
Consolidate Port Lists
Before:
"ip": {
"connect": [
"/usr/bin/curl|api.example.com|80",
"/usr/bin/curl|api.example.com|443",
"/usr/bin/curl|api.example.com|8080"
]
}After:
"ip": {
"connect": [
"/usr/bin/curl|api.example.com|{80,443,8080}"
]
}Combine Similar Scripts
Before:
"path": {
"execute": [
"all|/bin/bash|%workspace%/scripts/build.sh",
"all|/bin/bash|%workspace%/scripts/test.sh",
"all|/bin/bash|%workspace%/scripts/deploy.sh"
]
}After:
"path": {
"execute": [
"all|/bin/bash|%workspace%/scripts/{build,test,deploy}.sh"
]
}Combine Binary Locations
Before:
"path": {
"execute": [
"all|/bin/node|all",
"all|/usr/bin/node|all",
"all|/usr/local/bin/node|all"
]
}After:
"path": {
"execute": [
"all|{/bin,/usr/bin,/usr/local/bin}/node|all"
]
}Use CIDR for IP Ranges
Before:
"ip": {
"connect": [
"all|192.168.1.1|443",
"all|192.168.1.2|443",
"all|192.168.1.3|443"
]
}After:
"ip": {
"connect": [
"all|192.168.1.0/24|443"
]
}