diff --git a/doc/source/archive/configuration/k8s_pod_sec_policies.rst b/doc/source/archive/configuration/k8s_pod_sec_policies.rst index 046e37f62..cd7571b0f 100644 --- a/doc/source/archive/configuration/k8s_pod_sec_policies.rst +++ b/doc/source/archive/configuration/k8s_pod_sec_policies.rst @@ -2,6 +2,13 @@ Pod Security Policies ===================== +.. note:: + + PodSecurityPolicy (PSP) ONLY applies if running on K8S v1.24 or earlier. + PodSecurityPolicy (PSP) is deprecated as of Kubernetes v1.21 and removed from K8S v1.25. + Instead of using PodSecurityPolicy, you can enforce similar restrictions on Pods using + :ref:`Pod Security Admission Controller ` + .. note:: This guide was replaced by: :ref:`Pod Security Policies ` diff --git a/doc/source/security/kubernetes/assign-pod-security-policies.rst b/doc/source/security/kubernetes/assign-pod-security-policies.rst index cb67dd989..a31660bf5 100644 --- a/doc/source/security/kubernetes/assign-pod-security-policies.rst +++ b/doc/source/security/kubernetes/assign-pod-security-policies.rst @@ -6,6 +6,13 @@ Assign Pod Security Policies ============================ +.. note:: + + PodSecurityPolicy (PSP) ONLY applies if running on K8S v1.24 or earlier. + PodSecurityPolicy (PSP) is deprecated as of Kubernetes v1.21 and removed from K8S v1.25. + Instead of using PodSecurityPolicy, you can enforce similar restrictions on Pods using + :ref:`Pod Security Admission Controller ` + This section describes Pod security policies for **cluster-admin users**, and **non-cluster-admin users**. diff --git a/doc/source/security/kubernetes/disable-pod-security-policy-checking.rst b/doc/source/security/kubernetes/disable-pod-security-policy-checking.rst index 5a5d826da..e4f9ecd96 100644 --- a/doc/source/security/kubernetes/disable-pod-security-policy-checking.rst +++ b/doc/source/security/kubernetes/disable-pod-security-policy-checking.rst @@ -6,6 +6,13 @@ Disable Pod Security Policy Checking ==================================== +.. note:: + + PodSecurityPolicy (PSP) ONLY applies if running on K8S v1.24 or earlier. + PodSecurityPolicy (PSP) is deprecated as of Kubernetes v1.21 and removed from K8S v1.25. + Instead of using PodSecurityPolicy, you can enforce similar restrictions on Pods using + :ref:`Pod Security Admission Controller ` + You can delete the previously added PodSecurityPolicy service parameter to disable pod security policy checking. diff --git a/doc/source/security/kubernetes/enable-pod-security-policy-checking.rst b/doc/source/security/kubernetes/enable-pod-security-policy-checking.rst index ede9b4ddc..3a72d878c 100644 --- a/doc/source/security/kubernetes/enable-pod-security-policy-checking.rst +++ b/doc/source/security/kubernetes/enable-pod-security-policy-checking.rst @@ -6,6 +6,13 @@ Enable Pod Security Policy Checking =================================== +.. note:: + + PodSecurityPolicy (PSP) ONLY applies if running on K8S v1.24 or earlier. + PodSecurityPolicy (PSP) is deprecated as of Kubernetes v1.21 and removed from K8S v1.25. + Instead of using PodSecurityPolicy, you can enforce similar restrictions on Pods using + :ref:`Pod Security Admission Controller ` + .. rubric:: |proc| #. Set the kubernetes kube_apiserver admission_plugins system parameter to diff --git a/doc/source/security/kubernetes/pod-security-policies.rst b/doc/source/security/kubernetes/pod-security-policies.rst index ca2e997df..c17a549c7 100644 --- a/doc/source/security/kubernetes/pod-security-policies.rst +++ b/doc/source/security/kubernetes/pod-security-policies.rst @@ -6,6 +6,13 @@ Pod Security Policies ===================== +.. note:: + + PodSecurityPolicy (PSP) ONLY applies if running on K8S v1.24 or earlier. + PodSecurityPolicy (PSP) is deprecated as of Kubernetes v1.21 and removed from K8S v1.25. + Instead of using PodSecurityPolicy, you can enforce similar restrictions on Pods using + :ref:`Pod Security Admission Controller ` + |PSPs| enable fine-grained authorization of pod creation and updates. |PSPs| control access to security sensitive aspects of Pod specifications