-
Notifications
You must be signed in to change notification settings - Fork 512
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs: add SECURITY_GUIDANCE.md #821
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
With the policy in place, you were able to do normal, useful things with a pod, right? :)
2af4186
to
46b6469
Compare
This policy is sufficiently restrictive that it won't work for all workloads; some of the pods in the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was in the middle of commenting more things, but you addressed them on the fly!
46b6469
to
73a79f4
Compare
Signed-off-by: Ben Cressey <bcressey@amazon.com>
73a79f4
to
f02ea21
Compare
Issue number:
#766
Description of changes:
Adds documentation for security recommendations and example configurations.
Testing done:
Verified that a specially crafted pod was rejected by the example PSP policy.
Terms of contribution:
By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.