Marco Bravo
If you don’t know, ask – if you know, share! ~ opensource mindset 
➠ "We may not have control over our circumstances, but we do have control over our minds"
➠ What do I want to do next?
Create a Kubernetes security policy
by Marco Bravo
Kubernetes is an incredibly powerful container management tool. If you’ve worked with containers long enough, you know that security has to take a central role in the deployment of your apps and services. Without locking down those containers, havoc could be wreaked on your network.
What is a pod? If you’re new to Kubernetes, you might not know what a pod is. Simply stated, a Kubernetes pod is a collection of processes that make up a container, such as:
- Storage resources
- Unique network IP address
- Options that govern how the container should run
In other words, a pod is a unit of deployment–either a single container or a number of containers working together.
What is a pod security policy?
The Kubernetes pod security policy is a resource that controls the security of a pod specification. Using the PodSecurityPolicy object definition, you can control things like:
- The ability to run privileged containers
- Privilege escalation
- Access to volume types
- Access to host file systems
- Usage of host networking
But how to define the policy? As with almost everything in Kubernetes, this is defined within a YAML file.
tags: kubernetes - k8s - security - policy