Types of Kubernetes Policies

Kubernetes policies can be Role-based access control (RBAC) policy or Pod Security Admission (PSA) policy.

PSA Policy

PSA policy allows you to regulate access to computer or network resources by enforcing POD security standards. You can implement the POD security at the cluster level or at the namespace level by using the namespace labels.

The three levels of Pod Security are privileged, baseline, and restricted. If multiple PSA policies are applied to a CNF, then a policy that has a more permissive Pod Security Standard is applied to the CNF.

Note:

PSA policies are applied only to CNFs that are in podSecurity or restricted isolation mode.

RBAC Policy

RBAC policy allows you to regulate access to computer or network resources based on the roles of individual users. See Lifecycle of an RBAC Policy.

Note:

RBAC policies are applied only to CNFs that are in restricted isolation mode.

Note:

Isolation mode of the CNF can come from VIM isolation mode where the CNF is deployed or can be set manually after CNF creation.