Recreation of common Pod Security Policy configuration in other common Kubernetes policy engines
-
Updated
Jun 12, 2024 - TypeScript
Recreation of common Pod Security Policy configuration in other common Kubernetes policy engines
Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.
Kubernetes Attack Graph
Crate used by Kubewarden that is able to pull policies from OCI registries and HTTP servers.
Go-to CLI tool for Kubewarden users
Kubewarden's User Interface
A roadmap to learn Kubernetes from scratch (Beginner to Advanced level)
Policy is designed to enforce constraints on the resource requirements of Kubernetes containers
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
Webhook server that evaluates WebAssembly policies to validate Kubernetes requests
Workflow to rebuild and sign rancher/kubectl image
A Kubewarden Policy that detects usage of deprecated and dropped Kubernetes resources
A policy that prevents the creation of Service resources with type LoadBalancer
A template repository to quickly scaffold a Kubewarden policy written with Go language
Demo policy showing how to write a raw mutating policy
A Kubewarden policy that controls usage of sysctls
Policy to enforce requirements on Kubernetes Ingress resources.
Example of Rancher Fleet bundle for Kubewarden
Replacement for the Kubernetes Pod Security Policy that controls the usage of fsGroup in the pod security context
A Kubewarden Policy that controls the usage of environment variables
Add a description, image, and links to the kubernetes-security topic page so that developers can more easily learn about it.
To associate your repository with the kubernetes-security topic, visit your repo's landing page and select "manage topics."