Statements (87)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:fortification
|
| gptkbp:can_be_extended_by |
custom admission controllers
|
| gptkbp:developed_by |
Kubernetes community
|
| gptkbp:enables |
production environments
in certain Kubernetes distributions via feature gates in some Kubernetes distributions via feature gate |
| gptkbp:enforces |
pod security standards
Pod Security Standards |
| https://www.w3.org/2000/01/rdf-schema#label |
Pod Security Admission
|
| gptkbp:introduced |
Kubernetes 1.22
|
| gptkbp:is_adopted_by |
cloud-native applications
|
| gptkbp:is_compatible_with |
Kubernetes RBAC
Kubernetes versions 1.22 and above |
| gptkbp:is_considered |
pod specifications
|
| gptkbp:is_designed_for |
gptkb:fortification
Kubernetes clusters |
| gptkbp:is_documented_in |
Kubernetes documentation
Kubernetes release notes Kubernetes security documentation |
| gptkbp:is_evaluated_by |
security audits
security contexts Kubernetes admission webhooks pod creation incoming pod requests pod updates |
| gptkbp:is_implemented_in |
gptkb:Kubernetes_API_server
webhooks Admission webhook |
| gptkbp:is_influenced_by |
CIS benchmarks
|
| gptkbp:is_integrated_with |
CI/ CD pipelines
Kubernetes logging solutions Kubernetes networking policies |
| gptkbp:is_monitored_by |
security incidents
Kubernetes audit logs |
| gptkbp:is_part_of |
Kubernetes ecosystem
Kubernetes security best practices Kubernetes security architecture Kubernetes security features Kubernetes security compliance Kubernetes security controls Kubernetes security policies |
| gptkbp:is_related_to |
container security
Kubernetes networking Kubernetes namespaces Kubernetes RBAC Kubernetes resource management Kubernetes resource quotas Kubernetes security contexts Kubernetes admission control |
| gptkbp:is_subject_to |
Kubernetes resource quotas
|
| gptkbp:is_supported_by |
Kubernetes community
Kubernetes plugins Kubernetes ecosystem tools Kubernetes community resources |
| gptkbp:is_tested_for |
security benchmarks
Kubernetes e2e tests Kubernetes end-to-end tests |
| gptkbp:is_used_by |
Kubernetes clusters
Dev Ops teams |
| gptkbp:is_used_for |
compliance enforcement
|
| gptkbp:is_used_in |
Kubernetes deployments
|
| gptkbp:is_used_to |
prevent privilege escalation
enforce security best practices manage pod security policies manage pod security levels prevent insecure pods |
| gptkbp:operates |
gptkb:Kubernetes_Pods
|
| gptkbp:provides |
security controls
security contexts for pods |
| gptkbp:replaced_by |
gptkb:Pod_Security_Policy
|
| gptkbp:requires |
gptkb:Kubernetes_API_server
RBAC permissions |
| gptkbp:setting |
security policies
kubectl commands Kubernetes manifests Kubernetes config maps Kubernetes API objects multi-tenant clusters namespace labels Namespace labels via annotations |
| gptkbp:supports |
three security levels
three levels of security |
| gptkbp:bfsParent |
gptkb:fortification
|
| gptkbp:bfsLayer |
3
|