mirror of
https://github.com/rancher/rancher-docs.git
synced 2026-05-05 20:53:33 +00:00
Billy Tat
19 lines
1.1 KiB
Markdown
19 lines
1.1 KiB
Markdown
---
|
|
title: Assigning Pod Security Policies
|
|
---
|
|
|
|
_Pod Security Policies_ are objects that control security-sensitive aspects of pod specification (like root privileges).
|
|
|
|
## Adding a Default Pod Security Policy
|
|
|
|
When you create a new cluster with RKE, you can configure it to apply a PSP immediately. As you create the cluster, use the **Cluster Options** to enable a PSP. The PSP assigned to the cluster will be the default PSP for projects within the cluster.
|
|
|
|
>**Prerequisite:**
|
|
>Create a Pod Security Policy within Rancher. Before you can assign a default PSP to a new cluster, you must have a PSP available for assignment. For instruction, see [Creating Pod Security Policies](../authentication-permissions-and-global-configuration/create-pod-security-policies.md).
|
|
>**Note:**
|
|
>For security purposes, we recommend assigning a PSP as you create your clusters.
|
|
|
|
To enable a default Pod Security Policy, set the **Pod Security Policy Support** option to **Enabled**, and then make a selection from the **Default Pod Security Policy** drop-down.
|
|
|
|
When the cluster finishes provisioning, the PSP you selected is applied to all projects within the cluster.
|