Kubernetes policy templates are groups of predefined or custom rules that do not include exceptions.
Predefined rule sets cover the following categories:
| Category | Purpose |
|---|---|
| Command | Limits Kubernetes command-line commands |
| Container Images | Identifies vulnerabilities in container images |
| CRD | Limits usage of custom resources |
| Custom | All custom rules that exist in the system |
| Network | Ensures that service types are not exposed outside of Kubernetes |
| Quota | Establishes CPU and memory quotas |
| RBAC | Limits new roles with extensive privileges |
| Volume | Limits access to data |
| Workload Security | Rules based on the Kubernetes security configuration. See Pod Security Standards (external link). |
