turbot/kubernetes_compliance

Query: network_policy_default_deny_egress

Usage

powerpipe query kubernetes_compliance.query.network_policy_default_deny_egress

SQL

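-- Flags every namespace that lacks a "default deny all egress" NetworkPolicy.
-- A policy counts as default-deny-egress when it selects every pod
-- (podSelector: {}), lists Egress in policyTypes and carries no egress
-- rules. Output columns (resource, status, reason, context_name, namespace,
-- source_type, path) follow the powerpipe control contract; status is 'ok'
-- when at least one such policy exists, otherwise 'alarm'.
with default_deny_egress_count as (
  select
    ns.uid,
    ns.name as namespace,
    ns.context_name,
    ns._ctx,
    ns.tags,
    ns.path,
    ns.start_line,
    ns.end_line,
    ns.source_type,
    -- Count of default deny egress policies associated with each namespace.
    -- In Kubernetes an absent egress list and an empty one are equivalent
    -- (both deny all egress). The API server typically drops the empty list,
    -- so it arrives as NULL, while a manifest may spell it out as "egress: []";
    -- coalesce covers both spellings so manifests are not mis-reported.
    count(*) filter (
      where
        pol.policy_types @> '["Egress"]'
        and pol.pod_selector = '{}'
        and coalesce(pol.egress, '[]') = '[]'
    ) as num_default_deny
  from
    kubernetes_namespace as ns
    -- Match policies on namespace name within the same source (live cluster
    -- vs. manifest file) so resources from different sources never mix.
    -- Unmatched namespaces keep a NULL policy side and count zero.
    left join kubernetes_network_policy as pol
      on pol.namespace = ns.name
      and pol.source_type = ns.source_type
  group by
    ns.name,
    ns.uid,
    ns.context_name,
    ns.tags,
    ns._ctx,
    ns.path,
    ns.start_line,
    ns.end_line,
    ns.source_type
)
select
  -- Manifest resources have no uid; fall back to path:line so the row stays addressable.
  coalesce(uid, concat(path, ':', start_line)) as resource,
  case
    when num_default_deny > 0 then 'ok'
    else 'alarm'
  end as status,
  namespace || ' has ' || num_default_deny || ' default deny egress policies.' as reason,
  coalesce(context_name, '') as context_name,
  namespace,
  source_type,
  -- Empty string rather than NULL keeps the column concatenable downstream.
  coalesce(path || ':' || start_line || '-' || end_line, '') as path
from
  default_deny_egress_count;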

Controls

The query is being used by the following controls: