https://github.com/kubewarden/volumes-psp-policy
Replacement for the Kubernetes Pod Security Policy that controls the usage of volumes
https://github.com/kubewarden/volumes-psp-policy
hacktoberfest kubernetes kubernetes-security kubewarden-policy pod-security-policy policy-as-code webassembly
Last synced: 6 months ago
JSON representation
Replacement for the Kubernetes Pod Security Policy that controls the usage of volumes
- Host: GitHub
- URL: https://github.com/kubewarden/volumes-psp-policy
- Owner: kubewarden
- License: apache-2.0
- Created: 2021-08-11T10:04:21.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2024-12-09T10:40:33.000Z (6 months ago)
- Last Synced: 2024-12-09T11:36:59.281Z (6 months ago)
- Topics: hacktoberfest, kubernetes, kubernetes-security, kubewarden-policy, pod-security-policy, policy-as-code, webassembly
- Language: Go
- Homepage: https://kubewarden.io
- Size: 976 KB
- Stars: 2
- Watchers: 6
- Forks: 2
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: CODEOWNERS
Awesome Lists containing this project
README
[](https://github.com/kubewarden/community/blob/main/REPOSITORIES.md#policy-scope)
[](https://github.com/kubewarden/community/blob/main/REPOSITORIES.md#stable)
# psp-volumes-policy
Replacement for the Kubernetes Pod Security Policy that controls the usage of
volumes in pods.
## Settings
The policy takes the list of the allowed volume types using the `allowedTypes`
setting. Example:
```yaml
allowedTypes:
- configMap
- downwardAPI
- emptyDir
- persistentVolumeClaim
- secret
- projected
```
The default value of allowedTypes is `[ ]`. The special value `*` can be used
to allow all kind of volumes.
No other value can be specified together with `*`. For example,
`allowedTypes: ['*', 'configMap']` is not a valid configuration setting.