Kubernetes Pod Security Policy Concepts: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 8: | Line 8: | ||
A pod security policy is an example of a [[Kubernetes Concepts#Kubernetes_Policies|Kubernetes policy]]. | A pod security policy is an example of a [[Kubernetes Concepts#Kubernetes_Policies|Kubernetes policy]]. | ||
Pod security policy is implemented by a set of specialized Kubernetes resources ([[#PodSecurityPolicy|PodSecurityPolicy]]), generic resources (ServiceAccount, higher level pod controllers such as Deployments, ReplicaSets and so on), the admission and other controllers, all working in concert to ensure that the pods are created within strict security assumptions, and the pods access various resources in a controlled, secured manner. | |||
=PodSecurityPolicy= | |||
Revision as of 00:57, 3 September 2020
External
- https://kubernetes.io/docs/concepts/policy/pod-security-policy/
- https://kubernetes.io/docs/concepts/security/pod-security-standards/
Internal
Overview
A pod security policy is an example of a Kubernetes policy.
Pod security policy is implemented by a set of specialized Kubernetes resources (PodSecurityPolicy), generic resources (ServiceAccount, higher level pod controllers such as Deployments, ReplicaSets and so on), the admission and other controllers, all working in concert to ensure that the pods are created within strict security assumptions, and the pods access various resources in a controlled, secured manner.