Devops
537 installs
Kubernetes Security Policies
by wshobson/agents
Implement Kubernetes security policies including NetworkPolicy, PodSecurityPolicy, and RBAC for production-grade security. Use when securing Kubernetes…
Skill content
Defense-in-depth Kubernetes security through network policies, pod security standards, RBAC, and admission control. - Covers three pod security levels (Privileged, Baseline, Restricted) enforced via namespace labels for graduated security posture - Provides NetworkPolicy templates for default-deny, service-to-service communication, and DNS egress patterns - Includes RBAC configuration examples for roles, cluster roles, and bindings to implement least-privilege access - Demonstrates OPA Gatekeeper constraint templates and Istio mTLS/AuthorizationPolicy for policy enforcement and service mesh security - References CIS Kubernetes Benchmark and NIST Cybersecurity Framework compliance patterns with troubleshooting commands for NetworkPolicy and RBAC validation Kubernetes Security Policies Comprehensive guide for implementing NetworkPolicy, PodSecurityPolicy, RBAC, and Pod Security Standards in Kubernetes. Purpose Implement defense-in-depth security for Kubernetes clusters using network policies, pod security standards, and RBAC. When to Use This Skill - Implement network segmentation - Configure pod security standards - Set up RBAC for least-privilege access - Create security policies for compliance - Implement admission control - Secure multi-tenant clusters Pod Security Standards