Kubernetes Security - Pod Security Standards | How to use them to enforce security contexts

Let's look at how we can set the standards for out Pod security. We as administrators want to be sure that the people using the cluster follow some security best practices and don't just allow permissions all over the place!

Pod Security Standards: https://kubernetes.io/docs/concepts/s...
Pod Security Admission: https://kubernetes.io/docs/concepts/s...
Enforcing Standards with Namespace Labels: https://kubernetes.io/docs/tasks/conf...

There are other approaches to this which I didn't cover in this video, but will in a later one, such as Open Policy Agent and Kyverno. These aren't Kubernetes native as such but provide native Kubernetes policy management on a more granular level.

OPA: https://www.openpolicyagent.org/docs/...
Kyverno: https://kyverno.io/

00:00 - Intro
00:16 - In This Video
01:48 - What Are The Standards?
04:20 - How Do We Apply The Standards?
05:56 - Applying The Standards To A Namespace
06:59 - Testing The Standards
09:05 - Confirming To The Standards
14:14 - Wrap Up