policyDefinitions/Kubernetes/do-not-allow-container-privilege-escalation-in-kubernetes-cluster/constraint.yaml

apiVersion: constraints.gatekeeper.sh/v1beta1 kind: K8sAzureContainerNoPrivilegeEscalation metadata: name: psp-container-no-privilege-escalation spec: match: excludedNamespaces: {{ .Values.excludedNamespaces }} kinds: - apiGroups: [""] kinds: ["Pod"]

policyDefinitions/Kubernetes/do-not-allow-container-privilege-escalation-in-kubernetes-cluster/constraint.yaml (10 lines of code) (raw):