Config Reference
Auto-generated from the ShieldFileConfig model. Unknown keys are rejected at load time (extra='forbid').
Top-level keys
| Key |
Type |
Default |
Description |
mode |
Literal |
"auto" |
Firewall mode. auto selects the best available; hook forces OCI hook mode. |
default_profiles |
list of string |
[] |
Allowlist profiles applied when no explicit list is given. |
audit:
| Key |
Type |
Default |
Description |
enabled |
boolean |
true |
Write per-container JSONL audit logs. |
Example
config.yml# Firewall mode. auto selects the best available; hook forces OCI hook mode.
mode: auto
# Allowlist profiles applied when no explicit list is given.
default_profiles: []
# Audit logging settings
audit:
# Write per-container JSONL audit logs.
enabled: true