Complete the code to specify the Pod Security Standard level in the namespace annotation.
apiVersion: v1
kind: Namespace
metadata:
name: secure-namespace
annotations:
pod-security.kubernetes.io/enforce: [1]The restricted level enforces the highest security standards for pods in the namespace.
Complete the code to set the audit level for Pod Security Standards in the namespace annotation.
apiVersion: v1
kind: Namespace
metadata:
name: audit-namespace
annotations:
pod-security.kubernetes.io/audit: [1]The restricted audit level logs violations of the strictest Pod Security Standards.
Fix the error in the Pod Security Standard annotation key to enforce the baseline policy.
apiVersion: v1
kind: Namespace
metadata:
name: baseline-namespace
annotations:
pod-security.kubernetes.io/enforce: [1]The correct annotation key is pod-security.kubernetes.io/enforce with the value baseline. The given key is incorrect.
Fill both blanks to set the enforce and warn levels for Pod Security Standards in a namespace.
apiVersion: v1
kind: Namespace
metadata:
name: mixed-namespace
annotations:
pod-security.kubernetes.io/enforce: [1]
pod-security.kubernetes.io/warn: [2]The enforce annotation should be set to restricted for strict enforcement, while the warn annotation can be set to baseline to warn about less strict policy violations.
Fill all three blanks to create a Pod Security Standard policy with enforce, warn, and audit levels.
apiVersion: v1
kind: Namespace
metadata:
name: full-policy-namespace
annotations:
pod-security.kubernetes.io/enforce: [1]
pod-security.kubernetes.io/warn: [2]
pod-security.kubernetes.io/audit: [3]This configuration enforces the restricted level, warns at the baseline level, and audits the privileged level.