Merge pull request #33974 from JimBugwadia/pss

move other policy engines
2022-06-01 04:19:02 -07:00 · 2022-06-01 04:19:02 -07:00 · f15cfaeb39
parent 370e5273b7 fb97ad2140
commit f15cfaeb39
1 changed files with 10 additions and 8 deletions
--- a/content/en/docs/concepts/security/pod-security-standards.md
+++ b/content/en/docs/concepts/security/pod-security-standards.md
@ -457,6 +457,16 @@ of individual policies are not defined here.
 - {{< example file="policy/baseline-psp.yaml" >}}Baseline{{< /example >}}
 - {{< example file="policy/restricted-psp.yaml" >}}Restricted{{< /example >}}

+### Alternatives
+
+{{% thirdparty-content %}}
+
+Other alternatives for enforcing policies are being developed in the Kubernetes ecosystem, such as: 
+- [Kubewarden](https://github.com/kubewarden)
+- [Kyverno](https://kyverno.io/policies/pod-security/)
+- [OPA Gatekeeper](https://github.com/open-policy-agent/gatekeeper)
+
+
 ## FAQ

 ### Why isn't there a profile between privileged and baseline?
@ -480,14 +490,6 @@ as well as other related parameters outside the Security Context. As of July 202
 [Pod Security Policies](/docs/concepts/security/pod-security-policy/) are deprecated in favor of the
 built-in [Pod Security Admission Controller](/docs/concepts/security/pod-security-admission/). 

-{{% thirdparty-content %}}
-
-Other alternatives for enforcing security profiles are being developed in the Kubernetes
-ecosystem, such as: 
- [OPA Gatekeeper](https://github.com/open-policy-agent/gatekeeper).
- [Kubewarden](https://github.com/kubewarden).
- [Kyverno](https://kyverno.io/policies/pod-security/).
-
 ### What profiles should I apply to my Windows Pods?

 Windows in Kubernetes has some limitations and differentiators from standard Linux-based