Skip to content

/ operator Public

Permalink
master
Switch branches/tags

operator/docs/pod-security-policy.md

Go to file
 
 
Cannot retrieve contributors at this time
Using PodSecurityPolicy for MinIO Pods Getting Started
13 lines (8 sloc) 952 Bytes
Raw Blame

Using PodSecurityPolicy for MinIO Pods Slack

This document explains how to apply PodSecurityPolicy to MinIO Pods created by the MinIO Operator. A Pod Security Policy is a cluster-level resource that controls security sensitive aspects of the pod specification. Read more in Kubernetes PodSecurityPolicy Documentation.

Getting Started

Use the example to apply a custom PodSecurityPolicy to all the MinIO Pods created by the Operator.

kubectl create -f https://github.com/minio/operator/tree/master/examples/tenant-pod-security-policy.yaml

This file creates a custom PodSecurityPolicy. Then it creates a ClusterRole attached to the PodSecurityPolicy. Finally a ClusterRoleBinding bounds the ClusterRole to a ServiceAccount which is added to all the MinIO Pods created by the MinIO Operator.