A Supervisor Cluster that uses NSX networking supports network security policies configured through a security policy CRD.

Create a Security Policy

As a DevOps engineer, you can configure the security policy CRD to apply an NSX-based security policy to a Supervisor Cluster namespace. The security policy protects traffic for vSphere Pods and VMs. VMs include TKG cluster nodes and other VMs deployed in the Supervisor Cluster.

Prerequisites

Use NSX version 3.2 or later.

Procedure

  1. Create a security policy CRD.
    For the fields to use and CRD examples, see the NSX Operator Security Policy CRD documentation on GitHub.
  2. Access your namespace in the Kubernetes environment.
  3. Apply the security policy to the namespace.
    kubectl apply -f policy-name.yaml
  4. View your security policy.
    1. View details for the security policy.
      kubectl get securitypolicy policy-name
    2. View a description of your security policy.
      kubectl describe securitypolicy policy-name
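
A sample policy-name.yaml for step 1, added here as an illustration and not taken from the VMware or NSX Operator documentation: it restricts inbound traffic to database workloads so that only frontend Pods can reach them on one port. The API group/version and field names are assumed from the NSX Operator SecurityPolicy CRD, and the namespace, labels and port are constructed placeholders.

```yaml
# policy-name.yaml: added example; names and labels are constructed placeholders.
# Assumption: API group/version and field names follow the NSX Operator
# SecurityPolicy CRD. Check what your Supervisor actually serves with:
#   kubectl api-resources | grep -i securitypolic
#   kubectl explain securitypolicy.spec
apiVersion: crd.nsx.vmware.com/v1alpha1
kind: SecurityPolicy
metadata:
  name: policy-name
  namespace: my-namespace        # hypothetical Supervisor namespace
spec:
  # Workloads the policy protects: vSphere Pods and VMs carrying these labels.
  appliedTo:
    - podSelector:
        matchLabels:
          app: db                # constructed label
    - vmSelector:
        matchLabels:
          app: db                # constructed label
  rules:
    # Allow only the frontend Pods to reach the database port.
    - direction: in
      action: allow
      sources:
        - podSelector:
            matchLabels:
              app: frontend      # constructed label
      ports:
        - protocol: TCP
          port: 5432
    # Drop every other inbound connection to the selected workloads.
    - direction: in
      action: drop
```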

Results

You can also use the NSX UI to view details of your policy. For more information, see the VMware NSX Documentation page.