mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-29 02:45:06 +00:00
Code Activity

update podSecurityStandard from default to baseline (#2084)

Browse source 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
This commit is contained in:
shuting 2021-06-29 15:54:17 -07:00 committed by GitHub
parent 63f4c9a884
commit 2c9e52af98
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
charts/kyverno/README.md
View file

@ -104,7 +104,7 @@ The following table lists the configurable parameters of the kyverno chart and t
| `service.type` | type of service | `ClusterIP` |
| `tolerations` | list of node taints to tolerate | `[]` |
| `securityContext` | security context configuration | `{}` |
| `podSecurityStandard` | set desired pod security level `privileged`, `default`, `restricted`, `custom`. Set to `restricted` for maximum security for your cluster. See: https://kyverno.io/policies/pod-security/ | `baseline` |
| `podSecurityStandard` | set desired pod security level `privileged`, `baseline`, `restricted`, `custom`. Set to `restricted` for maximum security for your cluster. See: https://kyverno.io/policies/pod-security/ | `baseline` |
| `podSecuritySeverity` | set desired pod security severity `low`, `medium`, `high`. Used severity level in PolicyReportResults for the selected pod security policies. | `medium` |
| `podSecurityPolicies` | Policies to include when `podSecurityStandard` is set to `custom` | `[]` |
| `validationFailureAction` | set to get response in failed validation check. Supported values are `audit` and `enforce`. See: https://kyverno.io/docs/writing-policies/validate/ | `audit` |