Statements (59)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:fortification
|
| gptkbp:bfsLayer |
5
|
| gptkbp:bfsParent |
gptkb:Kubernetes_1.24
|
| gptkbp:applies_to |
Pod updates
new Pods |
| gptkbp:block |
Pod creation
Pod updates |
| gptkbp:enables |
gptkb:Kubernetes_1.25
via feature gates |
| gptkbp:enforces |
security policies
|
| https://www.w3.org/2000/01/rdf-schema#label |
Pod Security admission
|
| gptkbp:introduced |
Kubernetes 1.22
|
| gptkbp:is_designed_for |
Kubernetes clusters
|
| gptkbp:is_documented_in |
Kubernetes documentation
|
| gptkbp:is_evaluated_by |
Pod specifications
Pod creation process Pod update process |
| gptkbp:is_implemented_in |
gptkb:Kubernetes_API_server
|
| gptkbp:is_monitored_by |
Kubernetes audit logs
|
| gptkbp:is_part_of |
Kubernetes security features
Kubernetes security posture |
| gptkbp:is_related_to |
compliance requirements
security best practices network policies Kubernetes resources container security Kubernetes networking Kubernetes controllers resource quotas security contexts Pod Disruption Budgets Kubernetes clusters management Kubernetes namespaces Kubernetes storage Kubernetes operators Dev Sec Ops practices Kubernetes scheduling Kubernetes service accounts Kubernetes monitoring Kubernetes policies Kubernetes API objects Kubernetes logging Kubernetes role bindings Kubernetes roles Pod Security standards |
| gptkbp:is_supported_by |
Kubernetes community
|
| gptkbp:is_tested_for |
Kubernetes e2e tests
|
| gptkbp:is_used_in |
development environments
production environments |
| gptkbp:level |
baseline
restricted privileged |
| gptkbp:provides |
three levels of security
|
| gptkbp:replaced_by |
gptkb:Pod_Security_Policy
|
| gptkbp:requires |
RBAC permissions
|
| gptkbp:setting |
cluster administrators
namespace annotations via admission configuration |
| gptkbp:uses |
Admission Review API
|