Best practices

K8S API server configuration without PodSecurityPolicy admissions control plugin

Risk Level

Informational (4)

Platform(s)

  • N/A

Compliance Frameworks

Description

It was found that the API server configuration admission control plugins parameter does not include 'PodSecurityPolicy'. An admission controller is a code which being executed after the request authentication and authorization in order to validate it or change it. This admission controller determines if a pod should be admitted based on requested security context.

  • Recommended Mitigation

    It is recommended to include the PodSecurityPolicy plugin in the '--enable-admission-plugins' parameter.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.