Skip to content

K8S Pod Security Policy

Replacing an k8s_pod_security_policy object will update the object by replacing the existing spec with the provided one. For read-then-write operations a resourceVersion mismatch will occur if the object was modified between the read and write.

ToolDescription
f5xc-api-managedkubernetes-k8s-pod-security-policy-createCreate Configuration Specification.
f5xc-api-managedkubernetes-k8s-pod-security-policy-getGET Configuration Specification.
f5xc-api-managedkubernetes-k8s-pod-security-policy-listList K8s Pod Security Policy.
f5xc-api-managedkubernetes-k8s-pod-security-policy-updateReplace Configuration Specification.
f5xc-api-managedkubernetes-k8s-pod-security-policy-deleteDELETE K8s Pod Security Policy.
ParameterDescriptionExample
metadata.namespaceNamespace-
nameName-
namespaceNamespace-
metadata.nameName-
ParameterDescriptionExample
response_formatThe format in which the configuration object is to be fetched. This could be for example-
label_filterA LabelSelectorType expression that every item in list response will satisfy.-
report_fieldsThe report_fields parameter-
report_status_fieldsThe report_status_fields parameter-

This resource includes mutually exclusive configuration options:

OptionDescriptionRecommended
spec.psp_spec-
spec.yaml-
OptionDescriptionRecommended
spec.psp_spec.allowed_capabilities-
spec.psp_spec.no_allowed_capabilities-
OptionDescriptionRecommended
spec.psp_spec.default_capabilities-
spec.psp_spec.no_default_capabilities-
OptionDescriptionRecommended
spec.psp_spec.drop_capabilities-
spec.psp_spec.no_drop_capabilities-
OptionDescriptionRecommended
spec.psp_spec.fs_group_strategy_options-
spec.psp_spec.no_fs_groups-
OptionDescriptionRecommended
spec.psp_spec.no_run_as_group-
spec.psp_spec.run_as_group-
OptionDescriptionRecommended
spec.psp_spec.no_runtime_class-
OptionDescriptionRecommended
spec.psp_spec.no_se_linux_options-
OptionDescriptionRecommended
spec.psp_spec.no_supplemental_groups-
spec.psp_spec.supplemental_groups-
OptionDescriptionRecommended
spec.psp_spec.no_run_as_user-
spec.psp_spec.run_as_user-

Ask Claude to help you work with K8S Pod Security Policy resources:

“Create a k8s-pod-security-policy named ‘example’ in the ‘production’ namespace”

“List all k8s-pod-security-policys in the ‘production’ namespace”

“Get details of the k8s-pod-security-policy named ‘example’ in namespace ‘production‘“

Terminal window
# List resources
curl -X GET "https://${TENANT}.console.ves.volterra.io/api/config/namespaces/${NAMESPACE}/k8s_pod_security_policys" \
-H "Authorization: APIToken ${F5XC_API_TOKEN}" \
-H "Content-Type: application/json"
# Get specific resource
curl -X GET "https://${TENANT}.console.ves.volterra.io/api/config/namespaces/${NAMESPACE}/k8s_pod_security_policys/<name>" \
-H "Authorization: APIToken ${F5XC_API_TOKEN}" \
-H "Content-Type: application/json"
# Create resource
curl -X POST "https://${TENANT}.console.ves.volterra.io/api/config/namespaces/${NAMESPACE}/k8s_pod_security_policys" \
-H "Authorization: APIToken ${F5XC_API_TOKEN}" \
-H "Content-Type: application/json" \
-d @k8s_pod_security_policy.json
# Delete resource
curl -X DELETE "https://${TENANT}.console.ves.volterra.io/api/config/namespaces/${NAMESPACE}/k8s_pod_security_policys/<name>" \
-H "Authorization: APIToken ${F5XC_API_TOKEN}"