Winter Sale Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 8w52ceb345

Create a PSP that will only allow the persistentvolumeclaim as the volume type in the...

Linux Foundation CKS Full Course Access
Linux Foundation CKS View All Questions

Create a PSP that will only allow the persistentvolumeclaim as the volume type in the namespace restricted.

Create a new PodSecurityPolicy named prevent-volume-policy which prevents the pods which is having different volumes mount apart from persistentvolumeclaim.

Create a new ServiceAccount named psp-sa in the namespace restricted.

Create a new ClusterRole named psp-role, which uses the newly created Pod Security Policy prevent-volume-policy

Create a new ClusterRoleBinding named psp-role-binding, which binds the created ClusterRole psp-role to the created SA psp-sa.

Hint:

Also, Check the Configuration is working or not by trying to Mount a Secret in the pod maifest, it should get failed.

POD Manifest:

    apiVersion: v1

    kind: Pod

    metadata:

    name:

    spec:

    containers:

    - name:

    image:

    volumeMounts:

    - name:

    mountPath:

    volumes:

    - name:

    secret:

    secretName:

CKS PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now CKS pdf
Get 60% Discount on All Products, Use Coupon: "8w52ceb345"
Next
Documentation Ingress, Service, NGINX Ingress ControllerYou must connect to the correct host .
Documentation Deployments, Pods, bom Command Help bom-helpYou must connect to the correct host.
Previous