Keane Lim 3c5fa979a4 Security guide update

Re-organized topic hierarchy

Tiny edit to restart review workflow.

Squashed with Resolved index.rst conflict commit

Change-Id: I13472792cb19d1e9975ac76c6954d38054d606c5
Signed-off-by: Keane Lim <keane.lim@windriver.com>
Signed-off-by: MCamp859 <maryx.camp@intel.com>

2021-03-12 15:10:40 -05:00

787 B

Raw Blame History

Enable Pod Security Policy Checking

Set the kubernetes kube_apiserver admission_plugins system parameter to include PodSecurityPolicy.

~(keystone_admin)$ system service-parameter-add kubernetes kube_apiserver admission_plugins=PodSecurityPolicy

Apply the Kubernetes system parameters.

~(keystone_admin)$ system service-parameter-apply kubernetes

View the automatically added pod security policies.

$ kubectl get psp
$ kubectl describe <psp> privileged
$ kubectl describe <psp> restricted

787 B Raw Blame History

Enable Pod Security Policy Checking

787 B

Raw Blame History