|
gptkbp:instance_of
|
gptkb:fortification
|
|
gptkbp:bfsLayer
|
3
|
|
gptkbp:bfsParent
|
gptkb:fortification
|
|
gptkbp:allows
|
host networking
volume types
|
|
gptkbp:applies_to
|
namespaces
|
|
gptkbp:can_be_used_with
|
Network Policies
Custom Resource Definitions (CR Ds)
|
|
gptkbp:can_provide
|
privileged containers
|
|
gptkbp:controls
|
security contexts of pods
|
|
gptkbp:defines
|
allowed security contexts
|
|
gptkbp:enforces
|
security policies
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Pod Security Policy
|
|
gptkbp:introduced
|
Kubernetes 1.6
|
|
gptkbp:is_documented_in
|
Kubernetes documentation
|
|
gptkbp:is_evaluated_by
|
Admission webhooks
|
|
gptkbp:is_monitored_by
|
Kubernetes audit logs
|
|
gptkbp:is_part_of
|
Kubernetes security model
|
|
gptkbp:is_related_to
|
Admission Controllers
|
|
gptkbp:is_subject_to
|
Kubernetes API versioning
|
|
gptkbp:is_used_in
|
Kubernetes clusters
|
|
gptkbp:managed_by
|
cluster administrators
|
|
gptkbp:provides
|
fine-grained control over pod security
|
|
gptkbp:replaced_by
|
gptkb:Pod_Security_Admission
gptkb:theorem
|
|
gptkbp:requires
|
RBAC for authorization
|
|
gptkbp:setting
|
YAML files
|