Skip to content

Kubernetes: Pod Security Policy

Published on

Introduce the concept of a Pod Security Policy and examine the steps to incorporate a Pod Security Policy, including understanding the options, building a working policy, deploy/test the policy, adjust, and deploy to production. We also explore the various pieces of a Pod Security Policy, including privileged, host namespaces, volumes/filesystems, users/groups, privilege escalation, capabilities, SE Linux/AppArmor, SecComp, and Sysctl.