From 2bf6502edbba9c9e5ab54942aba36674b1bf28e7 Mon Sep 17 00:00:00 2001
From: rejain456 <155685406+rejain456@users.noreply.github.com>
Date: Sun, 12 Jan 2025 10:56:20 -0800
Subject: [PATCH] [NPM Lite] Default Deny - Updating Network Container Contract
 (#3338)

* added an additional field in network contract from cns to cni

* updated default deny acl type

* updated name of acl

* fixed spelling
---
 cns/NetworkContainerContract.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/cns/NetworkContainerContract.go b/cns/NetworkContainerContract.go
index 394f871f09..c93187a0e2 100644
--- a/cns/NetworkContainerContract.go
+++ b/cns/NetworkContainerContract.go
@@ -9,6 +9,7 @@ import (
 
 	"github.com/Azure/azure-container-networking/cns/types"
 	"github.com/Azure/azure-container-networking/crd/nodenetworkconfig/api/v1alpha"
+	"github.com/Azure/azure-container-networking/network/policy"
 	"github.com/google/uuid"
 	"github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
@@ -503,6 +504,8 @@ type PodIpInfo struct {
 	Routes []Route
 	// PnpId is set for backend interfaces, Pnp Id identifies VF. Plug and play id(pnp) is also called as PCI ID
 	PnPID string
+	// Default Deny ACL's to configure on HNS endpoints for Swiftv2 window nodes
+	EndpointPolicies []policy.Policy
 }
 
 type HostIPInfo struct {