# Best Practice Policies

| Best practice                                  | Policy
|------------------------------------------------|-----------------------------------------------------------------------|
| Run as non-root user              | [policy_validate_deny_runasrootuser.yaml](best_practices/policy_validate_deny_runasrootuser.yaml)                    |



# Additional Policies

| Description                                  | Policy
|------------------------------------------------|-----------------------------------------------------------------------|
| Allow an FSGroup that owns the pod's volumes             | [policy_validate_fsgroup.yaml](additional/policy_validate_fsgroup.yaml)                    |