Update policy apparmor-psp-policy to target high level resources

kubewarden / apparmor-psp-policy

A Kubewarden Pod Security Policy that controls usage of AppArmor profiles

https://kubewarden.io

Apache License 2.0

6 stars 4 forks source link

Update policy apparmor-psp-policy to target high level resources #22

Open jvanz opened 2 years ago

jvanz commented 2 years ago

Update the policy from targeting Pod resource to target higher level objects like deployments. This is a better practice because we prevent the resources to be created instead of failing in the deployment phase when the pods are created.

As an example, see https://github.com/kubewarden/allow-privilege-escalation-psp-policy/pull/33.

geeksambhu commented 1 year ago

I am working on this

viccuad commented 1 year ago

assigning it to you! :)

jvanz commented 1 year ago

@geeksambhu are you still working on this?

viccuad commented 1 year ago

@geeksambhu I'm cleaning the assignees, to unblock this for other people. If you want to work on this, please raise your hand ).

geeksambhu commented 1 year ago

@viccuad, I will work on this.

viccuad commented 1 year ago

Reassigning then! Thanks!