Kubernetes Pod Security Policies (PSP) are deprecated as of 1.21. What now?
OPA Gatekeeper
The industry-standard replacement is Open Policy Agent (OPA) Gatekeeper. It acts as an admission controller, with policies written in the Rego policy language.
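What a Rego policy for Gatekeeper looks like, as an added example that is not from the original post: a ConstraintTemplate and Constraint that flag privileged containers and containers without a read-only root filesystem. The template name, kind, constraint name and messages are assumptions chosen for illustration.

```yaml
# Added example: template name, kind and messages are assumptions, not from the post.
apiVersion: templates.gatekeeper.sh/v1
kind: ConstraintTemplate
metadata:
  name: k8scontainerhardening   # must be the lowercase form of the kind below
spec:
  crd:
    spec:
      names:
        kind: K8sContainerHardening
  targets:
    - target: admission.k8s.gatekeeper.sh
      rego: |
        package k8scontainerhardening

        # Every container type that runs in the pod, not just spec.containers.
        all_containers[c] { c := input.review.object.spec.containers[_] }
        all_containers[c] { c := input.review.object.spec.initContainers[_] }
        all_containers[c] { c := input.review.object.spec.ephemeralContainers[_] }

        violation[{"msg": msg}] {
          c := all_containers[_]
          c.securityContext.privileged == true
          msg := sprintf("container %v must not be privileged", [c.name])
        }

        # A missing securityContext also violates: the field must be explicitly true.
        violation[{"msg": msg}] {
          c := all_containers[_]
          not c.securityContext.readOnlyRootFilesystem == true
          msg := sprintf("container %v must set readOnlyRootFilesystem: true", [c.name])
        }
---
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: K8sContainerHardening
metadata:
  name: pods-must-be-hardened
spec:
  enforcementAction: dryrun   # report violations in audit first; switch to deny once clean
  match:
    kinds:
      - apiGroups: [""]
        kinds: ["Pod"]
    excludedNamespaces: ["kube-system"]
```

Apply the ConstraintTemplate first and wait for Gatekeeper to create its CRD before applying the Constraint, otherwise the second document is rejected as an unknown kind.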
Azure Policy for Kubernetes
On AKS, this is managed for you. You can turn on policies like “Require read-only root filesystem” or “Disallow privileged containers” via the Azure Portal, and it deploys Gatekeeper under the hood.