AZU006 - Ensure AKS cluster has Network Policy configured

Explanation

The Kubernetes object type NetworkPolicy should be defined to have opportunity allow or block traffic to pods, as in a Kubernetes cluster configured with default settings, all pods can discover and communicate with each other without any restrictions.

Insecure Example

The following example will fail the AZU006 check.

resource "azurerm_kubernetes_cluster" "bad_example" {
	network_profile {
	  }
}

Secure Example

The following example will pass the AZU006 check.

resource "azurerm_kubernetes_cluster" "good_example" {
	network_profile {
	  network_policy = "calico"
	  }
}