K
Q

AWS EKS Kubernetes error: unable to recognize policy: no matches for kind "policy" in version "v1beta1"

8/2/2020

These are my APIs available in AWS EKS 1.17

✦ ➜ k api-versions
admissionregistration.k8s.io/v1
admissionregistration.k8s.io/v1beta1
apiextensions.k8s.io/v1
apiextensions.k8s.io/v1beta1
apiregistration.k8s.io/v1
apiregistration.k8s.io/v1beta1
apps/v1
argoproj.io/v1alpha1
authentication.k8s.io/v1
authentication.k8s.io/v1beta1
authorization.k8s.io/v1
authorization.k8s.io/v1beta1
autoscaling/v1
autoscaling/v2beta1
autoscaling/v2beta2
batch/v1
batch/v1beta1
certificates.k8s.io/v1beta1
coordination.k8s.io/v1
coordination.k8s.io/v1beta1
crd.k8s.amazonaws.com/v1alpha1
discovery.k8s.io/v1beta1
events.k8s.io/v1beta1
extensions/v1beta1
metrics.k8s.io/v1beta1
networking.k8s.io/v1
networking.k8s.io/v1beta1
node.k8s.io/v1beta1
policy/v1beta1
rbac.authorization.k8s.io/v1
rbac.authorization.k8s.io/v1beta1
scheduling.k8s.io/v1
scheduling.k8s.io/v1beta1
storage.k8s.io/v1
storage.k8s.io/v1beta1
v1

this is my policy.yaml file

apiVersion: policy/v1beta1
kind: policy
metadata:
  name: default-deny-egress
  namespace: edna
spec:
  order: 999
  egress:
  - action: deny
    destination:
      net: 35.162.205.100
    source: {}

When I try to apply it I get the following:

error: unable to recognize "app/base/backend/policies/deny-policy.yaml": no matches for kind "policy" in version "v1beta1"
-- DmitrySemenov
amazon-eks
kubernetes
kubernetes-networkpolicy

Similar Questions

How to provide access to a service account to read pods in multiple namespaces?
k8s - deployment with service dependency
go-git basic authentication issues when getting credentials from Kubernetes secrets
Docker For Windows CE: Kubernetes: Unable to connect to the server eof
How can I open the Jaeger UI(run in Istio) in a remote browser, not the localhost machine

2 Answers

8/2/2020

You should use api/v1beta1 when defining network policies , Also the kind in that case would be NetworkPolicy. I think this is what you should use.

The version policy/v1beta1 is for defining poddisruptionbudget.

The kind Policy is used for defining audit policy and version audit.k8s.io/v1 and since this is not available in your output you cannot use this and hence the error.

Heres a document that might help you.

-- Tarun Khosla
Source: StackOverflow
8/3/2020

From what I understand you are trying to define a network policy.

In k8s documentation you can find several examples regarding networking policies and every one of these examples is using:

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy

I have also noticed that the yaml file content you provided is not valid. Please refer to the networking policies documentation mentioned earlier or k8s api referece guide for more detailed description of k8s yaml fields.

-- Matt
Source: StackOverflow