Pod Security

Policies to secure Kubernetes Pods.

Policies based on Kubernetes Pod Security Standards. To apply all pod security policies (recommended) install Kyverno and run:

kustomize build https://github.com/kyverno/policies/pod-security | kubectl apply -f -

Default

Minimally restrictive policy to prevent known privilege escalations.

Restricted

Heavily restricted policies following current Pod hardening best practices.

Last modified December 30, 2020: update text (3fbb353)