Merge remote-tracking branch 'origin/main' into disable-aws-profile

opszero · Nov 30, 2023 · d8b2d2b · d8b2d2b
2 parents 718abfa + 2762927
commit d8b2d2b
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -158,7 +158,7 @@ the PSP to the [equivalent new standard](https://kubernetes.io/docs/tasks/config
 | 4.2.8   | Minimize the admission of containers with capabilities assigned                                          | L1    | Active    | [tiphys](https://github.com/opszero/tiphys) defaultSecurityContext.capabilities.drop: ALL                    |
 | **4.3** | **CNI Plugin**                                                                                           |       |           |                                                                                                              |
 | 4.3.1   | Ensure CNI plugin supports network policies.                                                             | L1    | Manual    | `calico_enabled=true`                                                                                        |
-| 4.3.2   | Ensure that all Namespaces have Network Policies defined                                                 | L1    | Remediate |                                                                                                              |
+| 4.3.2   | Ensure that all Namespaces have Network Policies defined                                                 | L1    | Manual    | Add Network Policy manually                                                                                  |
 | **4.4** | **Secrets Management**                                                                                   |       |           |                                                                                                              |
 | 4.4.1   | Prefer using secrets as files over secrets as environment variables                                      | L2    | Active    | [tiphys](https://github.com/opszero/tiphys) writes secrets to file                                           |
 | 4.4.2   | Consider external secret storage                                                                         | L2    | Manual    | Pull secrets using AWS Secret Manager.                                                                       |
@@ -228,7 +228,7 @@ the PSP to the [equivalent new standard](https://kubernetes.io/docs/tasks/config
 | <a name="input_iam_roles"></a> [iam\_roles](#input\_iam\_roles) | Terraform object of the IAM roles | `map` | `{}` | no |
 | <a name="input_iam_users"></a> [iam\_users](#input\_iam\_users) | List of IAM users | `list` | `[]` | no |
 | <a name="input_karpenter_enabled"></a> [karpenter\_enabled](#input\_karpenter\_enabled) | Specify whether the karpenter is enabled | `bool` | `false` | no |
-| <a name="input_karpenter_version"></a> [karpenter\_version](#input\_karpenter\_version) | The version of the karpenter helm chart | `string` | `"v0.31.0"` | no |
+| <a name="input_karpenter_version"></a> [karpenter\_version](#input\_karpenter\_version) | The version of the karpenter helm chart | `string` | `"v0.32.2"` | no |
 | <a name="input_legacy_subnet"></a> [legacy\_subnet](#input\_legacy\_subnet) | Specify how the subnets should be created | `bool` | `true` | no |
 | <a name="input_metrics_server_version"></a> [metrics\_server\_version](#input\_metrics\_server\_version) | The version of the metric server helm chart | `string` | `"3.11.0"` | no |
 | <a name="input_nat_enabled"></a> [nat\_enabled](#input\_nat\_enabled) | Whether the NAT gateway is enabled | `bool` | `true` | no |

diff --git a/variables.tf b/variables.tf
@@ -367,7 +367,7 @@ variable "karpenter_enabled" {
 }
 
 variable "karpenter_version" {
-  default     = "v0.31.0"
+  default     = "v0.32.2"
   description = "The version of the karpenter helm chart"
 }