0PricingLogin
Kubernetes Basics · Lesson

Pod Security Standards

Apply Pod Security Standards to enforce security best practices at the Pod level.

What are PSS?

Kubernetes Pod Security Standards (PSS) are a set of guidelines and controls for enforcing security best practices on your Pods.

They help protect your cluster from common security vulnerabilities and privilege escalation attacks by restricting what Pods can do.

Think of them as a security checklist for your Pods!

Three Levels of Security

PSS defines three distinct security levels, each offering a different degree of protection:

  • Privileged: Unrestricted, the least secure.
  • Baseline: Prevents known privilege escalations.
  • Restricted: Enforces hardened security best practices.

These levels are cumulative, meaning Restricted includes all Baseline protections, and Baseline includes all Privileged (or rather, no restrictions).

All lessons in this course

  1. Role-Based Access Control (RBAC)
  2. Network Policies for Isolation
  3. Pod Security Standards
  4. Service Accounts and Workload Identity
← Back to Kubernetes Basics