Platform & Container Tools
Kubernetes NetworkPolicy Validator
Paste a Kubernetes NetworkPolicy YAML to validate structure, detect overly-broad selectors, and check CIDR notation. Flags CNI compatibility requirements.
Calculations run locally in your browserTool
About this tool
Kubernetes NetworkPolicy Validator
The Kubernetes NetworkPolicy Validator checks NetworkPolicy YAML structure, pod selector scope, CIDR notation, ingress/egress rule completeness, and CNI enforcement requirements.
โข Validate a deny-all NetworkPolicy before applying to a production namespace
โข Check that a pod selector isn't accidentally selecting all pods in the namespace
โข Verify CIDR ipBlock syntax and except notation before deploying
โข Identify that a policy requires a CNI plugin that supports NetworkPolicy enforcement
Affiliate disclosure
Developer-friendly cloud infrastructure. DigitalOcean provides cloud compute, networking, and managed databases with predictable pricing.
View Kubernetes deployment options
External site ยท Independent provider ยท We may receive a commission ยท Not a recommendation
FAQ
What does this tool tell you?
The Kubernetes NetworkPolicy Validator checks NetworkPolicy YAML structure, pod selector scope, CIDR notation, ingress/egress rule completeness, and CNI enforcement requirements.
What affects the result most?
NetworkPolicy spec validation: podSelector, ingress, egress, policyTypes structure. Empty podSelector: {} selects all pods in namespace โ often unintentionally broad. Deny-all pattern: NetworkPolicy with empty ingress [] blocks all ingress to selected pods.
How should I use the result?
Treat the tool's output as a first-pass check, not a proof of correctness. A clean pass means no issues in the patterns this tool recognizes; a failure points to a specific problem you can investigate in your source. The underlying spec is the authoritative source for edge cases.
Related tools