[zh] Update content/zh-cn/docs/reference/access-authn-authz/admission…

…-controllers.md Signed-off-by: wuyanping <wuyanping@uniontech.com> Update content/zh-cn/docs/reference/access-authn-authz/admission-controllers.md Co-authored-by: Michael <haifeng.yao@daocloud.io> Update content/zh-cn/docs/reference/access-authn-authz/admission-controllers.md Co-authored-by: Michael <haifeng.yao@daocloud.io> Update content/zh-cn/docs/reference/access-authn-authz/admission-controllers.md Co-authored-by: Michael <haifeng.yao@daocloud.io>
kubernetes · Nov 24, 2023 · cbc8415 · cbc8415
1 parent 1483479
commit cbc8415
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/content/zh-cn/docs/reference/access-authn-authz/admission-controllers.md b/content/zh-cn/docs/reference/access-authn-authz/admission-controllers.md
@@ -1494,6 +1494,16 @@ You should enable this admission controller if you intend to make any use of Kub
 的自动化。强烈推荐为 Kubernetes 项目启用此准入控制器。
 如果你打算使用 Kubernetes 的 `ServiceAccount` 对象，你应启用这个准入控制器。
 
+<!--
+Regarding the annotation `kubernetes.io/enforce-mountable-secrets`: While the annotation's name suggests it only concerns the mounting of Secrets,
+its enforcement also extends to other ways Secrets are used in the context of a Pod.
+Therefore, it is crucial to ensure that all the referenced secrets are correctly specified in the ServiceAccount.
+-->
+关于 `kubernetes.io/enforce-mountable-secrets` 注解：尽管注解的名称表明它只涉及 Secret 的挂载，
+但其执行范围也扩展到 Pod 上下文中 Secret 的其他使用方式。
+因此，确保所有引用的 Secret 在 ServiceAccount 中被正确指定是至关重要的。
+
+
 ### StorageObjectInUseProtection   {#storageobjectinuseprotection}
 
 <!--