Policy filtering feature

[mikouaj]

Community Note

• Please vote on this issue by adding a 👍 reaction
  to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do
  not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.

Description

As a cloud engineer, I want to control which policies are evaluated on each cluster, in order to: treat different clusters or groups of clusters differently / limit the number of unwanted noise.

Example config:

policyExclusions:
  - policies:
      - gke.policy.cluster_binary_authorization
      - gke.policy.cluster_maintenance_window
    policyGroups:
      - Management
    policyLists:
- my-named-policy-list
    clusterSelectors:
      - matchLabels:
          env: prod
          team: test-team
      - matchExpressions:
          - key: location
            Operator: In
            values:
              - west
              - east
policyLists:
  - name: my-named-policy-list
     policies:
     - gke.policy.cluster_binary_authorization
     - gke.policy.cluster_maintenance_window

• Implement cluster selectors for policy filtering #68
• Implement policy filtering logic with policy names and groups #69
• Implement named policy lists for policy filtering #70

References

N/A