What is missing or needs to be updated?
In the Docker Security Cheatsheet, RULE #3 - Limit capabilities, when discussing the configuration of Kubernetes Security, at the end it is specified that an administrator can configure 'Pod Security Policies'. But the issue is that 'Pod Security Policies' have been deprecated by Kubernetes and removed from the latest version - "PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25." https://kubernetes.io/docs/concepts/security/pod-security-policy/
How should this be resolved?
We need to update the document to remove that line and either specify the following alternative:
you can enforce similar restrictions on Pods using either or both:
Pod Security Admission
a 3rd party admission plugin, that you deploy and configure yourself
As per the document.
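An added example, not part of the original issue or of the cheat sheet: what the Pod Security Admission alternative looks like for the capability limits RULE #3 is about. The namespace name `psa-demo`, the pod name and the image are constructed placeholders; the labels and fields are the standard Pod Security Admission and `securityContext` ones.

```yaml
# Constructed example: namespace, pod name and image are placeholders.
apiVersion: v1
kind: Namespace
metadata:
  name: psa-demo
  labels:
    # Reject pods that violate the "restricted" Pod Security Standard.
    pod-security.kubernetes.io/enforce: restricted
    pod-security.kubernetes.io/enforce-version: latest
    # Also surface violations as API warnings and audit annotations.
    pod-security.kubernetes.io/warn: restricted
    pod-security.kubernetes.io/audit: restricted
---
apiVersion: v1
kind: Pod
metadata:
  name: app
  namespace: psa-demo
spec:
  securityContext:
    runAsNonRoot: true
    seccompProfile:
      type: RuntimeDefault
  containers:
    - name: app
      image: registry.example.com/app:1.0   # placeholder image
      securityContext:
        allowPrivilegeEscalation: false
        capabilities:
          # "restricted" requires every container to drop ALL capabilities.
          drop: ["ALL"]
          # add: ["NET_BIND_SERVICE"]  # the only capability "restricted" allows adding back
```

In a namespace labelled this way, a pod whose containers omit `drop: ["ALL"]` or set `privileged: true` is rejected at admission, which covers the capability restrictions previously expressed through a PodSecurityPolicy.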