Add PodSecurityPolicy to cluster
From #556 (closed) we learned that a secure cluster should have a (or more) pod security policy in place:
1.2.16 Follow the documentation and create Pod Security Policy objects as per your environment. Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the master node and set the --enable-admission-plugins parameter to a value that includes PodSecurityPolicy: --enable-admission-plugins=...,PodSecurityPolicy,... Then restart the API Server.
-
Make sure to add test 1.2.16 to the kube-bench pytest!