a1f6615206
Update pod security standards to use PodOS field
2022-08-18 15:47:41 -04:00
b167938367
Scrub PSP docs for 1.25
2022-08-15 21:09:41 -04:00
d705d9ed1c
Batch fix links (3)
2022-07-09 09:14:06 +08:00
c61be7d79c
Update pod-security-standards-hostprocess-state ( #34264 )
...
* Update pod-security-standards-hostprocess-state
Signed-off-by: Mark Rossetti <marosset@microsoft.com>
* using hugo short-code
2022-06-16 11:08:48 -07:00
f15cfaeb39
Merge pull request #33974 from JimBugwadia/pss
...
move other policy engines
2022-06-01 04:19:02 -07:00
fb97ad2140
Update content/en/docs/concepts/security/pod-security-standards.md
...
Co-authored-by: Rey Lejano <rlejano@gmail.com>
2022-05-30 07:49:41 -07:00
495642c688
Update content/en/docs/concepts/security/pod-security-standards.md
...
Co-authored-by: Qiming Teng <tengqm@outlook.com>
2022-05-26 17:43:29 -07:00
7c5f243af7
move other policy engines
...
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2022-05-26 16:17:26 -07:00
79c01ff06d
Update content/en/docs/concepts/security/pod-security-standards.md
...
Co-authored-by: Tim Allclair <timallclair@gmail.com>
2022-05-19 17:03:39 -04:00
03f0d23228
Clarify privileged Pod Security Standard description
2022-05-19 14:51:51 -04:00
7e0a2162d7
Fix missing links
2022-04-12 16:46:38 +08:00
672813f3e7
Move PSP into Security concepts section
...
The logical navigation definitely works better if Pod Security admission
and PodSecurityPolicy are pages in the same section. Make It So.
Co-authored-by: Rey Lejano <rlejano@gmail.com>
2022-03-30 17:30:35 +01:00
198ae37902
Rewrite PodSecurityPolicy migration guide ( #31782 )
2022-02-24 18:07:56 -08:00
4ca5ff6b3c
PodSecurity: remove optional non-root group check
2022-01-24 10:10:12 -05:00
8917b26250
PodSecurity: switch restricted volume check to positive check
2022-01-24 10:09:00 -05:00
d330226a95
Merge remote-tracking branch 'upstream/main' into dev-1.23
2021-11-17 12:55:09 -05:00
e50ce5f269
PodSecurity: runAsUser
2021-10-28 11:21:02 -04:00
b1d1fc369e
Minor typo corrections and improvements for 'Overview of Cloud Native Security' page ( #30185 )
...
* Update overview.md
Minor typo corrections and improvements.
* Update overview.md
* Fix broken link
2021-10-27 05:53:25 -07:00
dad01370f8
add kyverno and fix OPA/GK link
...
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2021-08-18 11:07:02 -07:00
08387d8434
add kubewarden as an alternative to enforce security profiles
...
add third-party content shortcode and list
2021-08-10 07:41:30 -07:00
af2f72ad59
Windows HostProcess Container Documentation ( #28413 )
...
* Rebasing HostProcess security changes.
* Incorporated initial round of feedback
* Minor wording updates
* Finished up remaining todo items
* Apply suggestions from code review
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
Co-authored-by: Mark Rossetti <marosset@microsoft.com>
* Moved HostProcess security documentation into PSS and create-host-process-pod docs
* Updated with for James' review
* Apply suggestions from code review
Co-authored-by: Tim Bannister <tim@scalefactory.com>
Co-authored-by: James Sturtevant <jsturtevant@gmail.com>
* Minor edits
* Modifications for additional feedback
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
Co-authored-by: Mark Rossetti <marosset@microsoft.com>
Co-authored-by: Tim Bannister <tim@scalefactory.com>
Co-authored-by: James Sturtevant <jsturtevant@gmail.com>
2021-07-27 00:50:45 -07:00
e0d4b53b1c
incorporating initial round of feedback
2021-07-21 15:33:46 +00:00
37dd90d81a
feature: Pod Security Standards documentation
2021-07-12 12:53:36 +00:00
b3aef35da7
Use shortcode for PodSecurityPolicy examples
2021-06-19 01:47:52 +01:00
dcd2dd4852
Update SELinux standards ( #27653 )
...
* Update SELinux standards
* address feedback
2021-05-14 11:19:59 -07:00
6645f390f6
Remove "defalut" from the baseline policy name
2021-02-16 11:36:36 -08:00
70eba58d3b
Contex to Context
2020-09-19 16:48:42 +05:30
70b75e16f0
Merge pull request #22981 from shuuji3/en/replace-special-quote-with-normal-ones
...
Replace special quote characters with normal ones
2020-08-26 14:55:02 -07:00
95c94c03d5
resolving conflicts
2020-08-23 12:13:37 -04:00
c6a96128c4
Replace special quote characters with normal ones.
2020-08-11 21:05:22 +09:00
0a861ca7c0
use traditional UNIX language
...
Refer to the 02000 and 04000 bits in file permissions as "set-user-ID mode" and "set-group-ID mode", as the UNIX manuals have done since 4th edition per suggestion by sftim
2020-08-06 21:55:41 -05:00
aa8e0d6677
Correct Privilege Escalation section
2020-08-04 14:23:42 -05:00
e2a861c2f9
Merge remote-tracking branch 'upstream/master' into dev-1.19
2020-07-27 19:10:42 -04:00
3ad7ea77f1
Add documentation for generally available seccomp functionality
...
Signed-off-by: hasheddan <georgedanielmangum@gmail.com>
2020-07-20 13:51:17 -05:00
259655797b
Remove container level supplementalGroups and fsgroup
2020-07-02 11:07:24 -07:00
29f3c2858c
Merge pull request #21591 from scottstout/master
...
Changed whitelist to allowlist and blacklist to denylist.
2020-06-10 16:12:56 -07:00
ecc27bbbe7
add en pages
2020-06-09 19:33:15 -04:00
e38b9dc9c6
revised to minumize usage of whitelist/blacklist
2020-06-09 14:14:52 -05:00
9065e168f0
Minor cleanup of standardized pod security
2020-06-04 11:22:52 -07:00
44db1a13c9
Add missing PSP restrictions to standard security profiles
2020-06-02 17:13:12 -07:00
75652e8585
Standardized pod security profiles
2020-05-20 16:54:37 -07:00
ravisantoshgudimetla
Jordan Liggitt
Qiming Teng
Mark Rossetti
Kubernetes Prow Robot
Jim Bugwadia
Mengjiao Liu
Tim Bannister
Tim Allclair
Jesse Butler
Guilherme Macedo
Rey Lejano
Brandon Smith
Samuel Roth
Tim Allclair
Tej-Singh-Rana
Savitha Raghunathan
TAKAHASHI Shuuji
Tabitha Sable
hasheddan
Sertaç Özercan
Karen Bradshaw
Scott Stout