kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update content/en/docs/concepts/security/pod-security-standards.md 

Co-authored-by: Tim Allclair <timallclair@gmail.com>
This commit is contained in:
Jordan Liggitt 2022-05-19 17:03:39 -04:00 committed by GitHub
parent 03f0d23228
commit 79c01ff06d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
content/en/docs/concepts/security/pod-security-standards.md
View File

@ -29,9 +29,8 @@ This guide outlines the requirements of each policy.
**The _Privileged_ policy is purposely-open, and entirely unrestricted.** This type of policy is **The _Privileged_ policy is purposely-open, and entirely unrestricted.** This type of policy is
typically aimed at system- and infrastructure-level workloads managed by privileged, trusted users. typically aimed at system- and infrastructure-level workloads managed by privileged, trusted users.
The Privileged policy is defined by an absence of restrictions. For allow-by-default enforcement The Privileged policy is defined by an absence of restrictions. Allow-by-default
mechanisms (such as gatekeeper), the Privileged policy may be an absence of applied constraints mechanisms (such as gatekeeper) may be Privileged by default. In contrast, for a deny-by-default mechanism (such as Pod
rather than an instantiated profile. In contrast, for a deny-by-default mechanism (such as Pod
Security Policy) the Privileged policy should disable all restrictions. Security Policy) the Privileged policy should disable all restrictions.
### Baseline ### Baseline