Update policy seccomp-psp-policy to target high level resources

kubewarden / seccomp-psp-policy

A Kubewarden Pod Security Policy that controls usage of Seccomp profiles

https://kubewarden.io

Apache License 2.0

4 stars 4 forks source link

Update policy seccomp-psp-policy to target high level resources #25

Open jvanz opened 2 years ago

jvanz commented 2 years ago

Update the policy from targeting Pod resource to target higher level objects like deployments. This is a better practice because we prevent the resources to be created instead of failing in the deployment phase when the pods are created.

niheetes commented 9 months ago

This is an issue we see too. It would be really good for the policies to check pod started by higher level objects like deployments, statefulsets and so on.

Is this something on the planning to be looked at / picked up?

jvanz commented 9 months ago

So far, we are not planning to work on that. However, as you are interested on this. I've added this issue to the Kubewarden board and I'll bring this issue to discussion in our next planning/daily call. I let you know about that asap.