diff --git a/src/kata-opa/allow-all-except-exec-process.rego b/src/kata-opa/allow-all-except-exec-process.rego index 7905f4e592..86f1f04282 100644 --- a/src/kata-opa/allow-all-except-exec-process.rego +++ b/src/kata-opa/allow-all-except-exec-process.rego @@ -17,6 +17,8 @@ default GetOOMEventRequest := true default GuestDetailsRequest := true default ListInterfacesRequest := true default ListRoutesRequest := true +default MemAgentCompactConfig := true +default MemAgentMemcgConfig := true default MemHotplugByProbeRequest := true default OnlineCPUMemRequest := true default PauseContainerRequest := true diff --git a/src/kata-opa/allow-all.rego b/src/kata-opa/allow-all.rego index 6302092092..6a2f536920 100644 --- a/src/kata-opa/allow-all.rego +++ b/src/kata-opa/allow-all.rego @@ -19,6 +19,8 @@ default GetOOMEventRequest := true default GuestDetailsRequest := true default ListInterfacesRequest := true default ListRoutesRequest := true +default MemAgentCompactConfig := true +default MemAgentMemcgConfig := true default MemHotplugByProbeRequest := true default OnlineCPUMemRequest := true default PauseContainerRequest := true diff --git a/src/tools/genpolicy/rules.rego b/src/tools/genpolicy/rules.rego index 915b97515e..d7f32fdeaf 100644 --- a/src/tools/genpolicy/rules.rego +++ b/src/tools/genpolicy/rules.rego @@ -25,6 +25,8 @@ default GetOOMEventRequest := true default GuestDetailsRequest := true default ListInterfacesRequest := false default ListRoutesRequest := false +default MemAgentCompactConfig := false +default MemAgentMemcgConfig := false default MemHotplugByProbeRequest := false default OnlineCPUMemRequest := true default PauseContainerRequest := false