Implementation

Namespace With Deny All Netpol

namespace-with-deny-all-netpol.tpl (view on GitHub) :

- op: set
  path: -1
  value:
    apiVersion: networking.k8s.io/v1
    kind: NetworkPolicy
    metadata:
      name: deny-all
      {{ if ne .Namespace "" }}
      namespace: {{ .Namespace }}
      {{ end }}
    spec:
      podSelector: {}
      policyTypes:
      - Ingress
      - Egress