Update Pod Security Admission Controller for k8s 1.24

Update k8s version.
Remove technology preview.
Fixed typos.

Story: 2010301
Task: 46748

Signed-off-by: Elisamara Aoki Goncalves <elisamaraaoki.goncalves@windriver.com>
Change-Id: If7fcb253090975576994a7923b5c7500a184bbb0
Elisamara Aoki Goncalves 2022-11-02 16:07:38 -03:00
parent a4597d3998
commit a8ca207890

@ -1,12 +1,12 @@
.. _pod-security-admission-controller-8e9e6994100f:
======================================================
Technology Preview - Pod Security Admission Controller
======================================================
=================================
Pod Security Admission Controller
=================================
Pod Security Admission (PSA) Controller is the |PSP| replacement, and this
document describes the technical preview of |PSA| functionality which is 'beta'
quality in K8S v1.23 .
document describes the |PSA| functionality, which is 'beta' quality in
Kubernetes v1.24 .
The |PSA| admission controller acts on creation and modification of the pod and
determines if it should be admitted based on the requested security context and
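Review bot: The replacement intro sentence keeps the stray space before the full stop ("Kubernetes v1.24 ."), carried over from the old "K8S v1.23 ."; since this commit lists typo fixes, close it up to "Kubernetes v1.24.". The title drops "Technology Preview" while the body still says 'beta' quality, so one clause stating what support level the reader should now assume would avoid the two reading as contradictory.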
@ -54,7 +54,7 @@ enforce
audit
Policy violations will trigger the addition of an audit annotation to the
event recorded in the K8S audit log but are otherwise allowed.
event recorded in the Kubernetes audit log but are otherwise allowed.
warn
Policy violations will trigger a user-facing warning but are otherwise
@ -73,7 +73,7 @@ This is a generic namespace configuration using labels.
pod-security.kubernetes.io/<MODE>: <LEVEL>
# Optional: per-mode version label can be used to pin the policy to the
# version that shipped with a given Kubernetes minor version (e.g. v1.23).
# version that shipped with a given Kubernetes minor version (e.g. v1.24).
#
# MODE must be one of `enforce`, `audit`, or `warn`.
# VERSION must be a valid Kubernetes minor version, or `latest`.
@ -89,7 +89,7 @@ Enable Pod Security Admission
To enable |PSA|, Pod Security feature gate must be enabled.
Starting with Kubernetes 1.23 version, PodSecurity feature gate is enabled by
Starting with Kubernetes 1.24 version, Pod Security feature gate is enabled by
default.
For Kubernetes version 1.22, Pod Security feature gate can be enabled using
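Review bot: Changing "Starting with Kubernetes 1.23" to "1.24" in the feature-gate paragraph leaves 1.23 uncovered: the following sentence only addresses 1.22, so a reader on 1.23 can no longer tell whether the gate is on by default. The previous text put the default at 1.23; unless that was wrong, keep 1.23 as the starting version (for example "1.23 and later") rather than bumping it with the other version strings. Where the gate itself is named, keep the literal identifier ``PodSecurity`` instead of "Pod Security", since that is the string an operator has to type when enabling it on 1.22.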
@ -111,8 +111,8 @@ configuration, ``apiserver_extra_args`` and ``apiserver_extra_volumes``.
Configure defaults for the Pod Security Admission Controller
------------------------------------------------------------
For the technology preview of the |PSA| controller, the |PSA| controller can be
configured with default security polices and exemptions at bootstrap time.
The |PSA| controller can be configured with default security polices and
exemptions at bootstrap time.
The Default |PSA| controller configuration will apply to namespaces that are
not configured with the ``pod-security.kubernetes.io`` labels to specify a
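Review bot: The rewritten sentence still reads "default security polices"; that should be "policies", and it is worth fixing here since the commit message says typos were fixed and this line is being touched anyway. The next paragraph's "The Default |PSA| controller configuration" could also lose the capital on "Default" for consistency with the heading above it.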
@ -224,11 +224,11 @@ This page walks through a usage example of |PSA| where you will:
name: baseline-ns
labels:
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/enforce-version: v1.23
pod-security.kubernetes.io/enforce-version: v1.24
pod-security.kubernetes.io/warn: baseline
pod-security.kubernetes.io/warn-version: v1.23
pod-security.kubernetes.io/warn-version: v1.24
pod-security.kubernetes.io/audit: baseline
pod-security.kubernetes.io/audit-version: v1.23
pod-security.kubernetes.io/audit-version: v1.24
controller-0:~$ kubectl apply -f baseline-ns.yaml
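Review bot: The ``*-version: v1.24`` pins in baseline-ns.yaml are hard-coded literals, and the same value is repeated across all three example manifests, so every Kubernetes uplift needs this same nine-line edit. Consider adding one sentence before the first manifest saying the pin should match the cluster's Kubernetes minor version (the label reference earlier in the page already allows ``latest``), so readers who copy the example onto a different release know to adjust it.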
@ -239,11 +239,11 @@ This page walks through a usage example of |PSA| where you will:
name: privileged-ns
labels:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/enforce-version: v1.23
pod-security.kubernetes.io/enforce-version: v1.24
pod-security.kubernetes.io/warn: privileged
pod-security.kubernetes.io/warn-version: v1.23
pod-security.kubernetes.io/warn-version: v1.24
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/audit-version: v1.23
pod-security.kubernetes.io/audit-version: v1.24
controller-0:~$ kubectl apply -f privileged-ns.yaml
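Review bot: In privileged-ns.yaml the ``warn`` and ``audit`` labels are set to ``privileged`` with a pinned version, but the privileged level places no restrictions, so those two modes can never produce a warning or audit annotation and the version pin has nothing to select. If the example is meant to show only an unrestricted namespace, say so in the surrounding text; otherwise setting ``warn`` and ``audit`` to ``baseline`` would show operators what the workloads in that namespace would violate.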
@ -254,11 +254,11 @@ This page walks through a usage example of |PSA| where you will:
name: restricted-ns
labels:
pod-security.kubernetes.io/enforce: restricted
pod-security.kubernetes.io/enforce-version: v1.23
pod-security.kubernetes.io/enforce-version: v1.24
pod-security.kubernetes.io/warn: restricted
pod-security.kubernetes.io/warn-version: v1.23
pod-security.kubernetes.io/warn-version: v1.24
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/audit-version: v1.23
pod-security.kubernetes.io/audit-version: v1.24
controller-0:~$ kubectl apply -f restricted-ns.yaml