mirror of
https://github.com/siderolabs/talos.git
synced 2025-10-31 16:31:13 +01:00
9dace93b59
As Talos 1.1 supports Kubernetes 1.22-1.24, we can finally enable Pod
Security Admission by default:
```yaml
apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- configuration:
apiVersion: pod-security.admission.config.k8s.io/v1alpha1
defaults:
audit: restricted
audit-version: latest
enforce: baseline
enforce-version: latest
warn: restricted
warn-version: latest
exemptions:
namespaces:
- kube-system
runtimeClasses: []
usernames: []
kind: PodSecurityConfiguration
name: PodSecurity
path: ""
```
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>