Difference between revisions of "Kubernetes PodSecurityPolicy (PSP) (deprecated)"
Jump to navigation
Jump to search
(2 intermediate revisions by the same user not shown) | |||
Line 7: | Line 7: | ||
− | kubernetes.io/psp: eks.privileged | + | [[kubernetes.io/psp]]: [[eks.privileged]] |
+ | kubectl get pods \ | ||
+ | --all-namespaces \ | ||
+ | --output jsonpath='{.items[*].metadata.annotations.kubernetes\.io\/psp}' \ | ||
+ | | tr " " "\n" | sort -u | ||
+ | == Errors == | ||
[[helm install --set persistence.enabled=true grafana grafana/grafana]] | [[helm install --set persistence.enabled=true grafana grafana/grafana]] | ||
Error: INSTALLATION FAILED: unable to build kubernetes objects from release manifest: [resource mapping not found | Error: INSTALLATION FAILED: unable to build kubernetes objects from release manifest: [resource mapping not found | ||
Line 24: | Line 29: | ||
* {{PSP}} | * {{PSP}} | ||
* {{Gatekeeper}} | * {{Gatekeeper}} | ||
+ | * {{K8s security}} | ||
[[Category:K8s]] | [[Category:K8s]] |
Latest revision as of 08:59, 26 January 2024
Deprecated in v1.21 (April 2021), removed in v1.25 (Aug 2022)
kubectl get psp kubectl get psp eks.privileged
kubernetes.io/psp: eks.privileged
kubectl get pods \ --all-namespaces \ --output jsonpath='{.items[*].metadata.annotations.kubernetes\.io\/psp}' \ | tr " " "\n" | sort -u
Errors[edit]
helm install --set persistence.enabled=true grafana grafana/grafana Error: INSTALLATION FAILED: unable to build kubernetes objects from release manifest: [resource mapping not found for name: "grafana" namespace: "" from "": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1" ensure CRDs are installed first, resource mapping not found for name: "grafana-test" namespace: "" from "": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1" ensure CRDs are installed first]
Related[edit]
See also[edit]
- Open Policy Agent (OPA), Gatekeeper
- PodSecurityPolicy (PSP) (deprecated), PSA, PSS,
kubernetes.io/psp
- Gatekeeper, installation, XProtect, OPA,
gatekeeper.sh, config.gatekeeper.sh, gatekeeper-webhook-service
- Kubernetes security, OPA, EKS security, PSA, PSS, CKS,
SecurityContext
, Trivy, KubeBench, Kubernetes Admission Controllersadmissionregistration.k8s.io
, Hardeneks, Gatekeeper (Kubernetes),kubernetes.io/enforce-mountable-secrets
, Auditing
Advertising: