CNCFKubernetesSecurityIntermediate23 min read

What Is Pod Security Standards? Security Definition

Also known as: Pod Security Standards, Kubernetes pod security, CKS exam prep, CNCF security, pod security policies vs pod security standards

Reviewed byJohnson Ajibi· Senior Network & Security Engineer · MSc IT Security
On This Page

Quick Definition

Pod Security Standards are rules that Kubernetes uses to control what a container inside a pod can and cannot do. Think of them like security badges that limit what actions a user can perform inside a building. These standards help protect the cluster by stopping containers from running as root, accessing the host system, or using dangerous capabilities. They come in three levels: Privileged, Baseline, and Restricted, each offering different amounts of security and flexibility.

Must Know for Exams

Pod Security Standards are a core topic in the Certified Kubernetes Security Specialist (CKS) exam. The CKS exam objectives explicitly include cluster hardening, compliance, and pod security contexts. According to the official CNCF curriculum, candidates must be able to configure and apply Pod Security Standards using the PodSecurity admission controller.

The exam often presents scenarios where a cluster has multiple namespaces with different sensitivity levels, and the candidate must select and apply the appropriate standard. For example, a question might provide a namespace called production with a Deployment that runs as root, and ask the candidate to apply the Restricted standard to that namespace, then verify that the pod is rejected. The candidate must know how to label namespaces with the correct annotations: pod-security.

kubernetes.io/enforce, pod-security.kubernetes.io/warn, and pod-security.kubernetes.io/audit. They must also understand the difference between the three levels and the specific restrictions each level imposes.

In the CKS exam, questions may also require troubleshooting failed pods due to security policy violations. The candidate needs to read the pod events and the admission controller logs to determine why the pod was rejected, then adjust the pod spec or the namespace label accordingly. Another typical exam pattern involves a multi-tenant cluster where one team needs a pod with privileged access for a monitoring agent, while all other pods must follow Baseline.

The candidate must configure the namespace for the monitoring team with the Privileged standard and other namespaces with Baseline or Restricted. The CKS exam is performance-based, meaning candidates interact with a live cluster, so they must be comfortable using kubectl to inspect and modify namespace labels, and to create pods that comply with the security standards. The exam does not test Pod Security Policies (PSP) because they are deprecated, but it may ask about the migration path from PSP to Pod Security Standards.

Understanding the three modes (enforce, audit, warn) and how to use them for rollouts is crucial. Overall, this topic appears in roughly 10-15% of the exam tasks, making it a high-yield study area.

Simple Meaning

Imagine you are renting out rooms in a large apartment building to different tenants. Each tenant gets their own room (a pod), but you need to make sure they don't damage the building, spy on other tenants, or break into the central boiler room. Pod Security Standards are the rules you set for each tenant.

The least restrictive rule, called Privileged, lets the tenant do almost anything, like drilling holes in the walls or installing their own locks, which is useful for maintenance workers but risky for normal tenants. The middle rule, called Baseline, says no drilling, no picking locks, and no touching the electrical panel, but they can use the common areas normally. The most restrictive rule, called Restricted, says the tenant cannot even run as the building manager (root) inside their room, cannot see the hallway cameras, and must use a special door that cannot be opened from the outside.

In Kubernetes, these standards are applied to pods through admission controllers, which check every pod against the rules before it is allowed to run. The cluster administrator chooses which standard to apply to different namespaces, just like a landlord decides which rules apply to which floor of the building. This way, pods that need full access for monitoring or networking can run under Privileged, while regular application pods must follow Baseline or Restricted to keep the cluster safe from attacks like container breakouts or privilege escalation.

Full Technical Definition

Pod Security Standards (PSS) were introduced in Kubernetes version 1.21 as a replacement for the deprecated Pod Security Policies (PSP). They are defined in the Kubernetes documentation as three distinct policy levels: Privileged, Baseline, and Restricted.

Each level controls a set of security fields in the pod's security context, including but not limited to: the ability to run as root, the usage of Linux capabilities (like CAP_SYS_ADMIN), the ability to mount host paths, the ability to use host networking, and the ability to run privileged containers. The Privileged level imposes no restrictions; it allows all security context settings and is intended for system components that require deep access to the host node. The Baseline level prohibits the most obvious and dangerous privileges while still allowing typical application deployments.

It restricts privileged containers, hostPID, hostIPC, hostNetwork, hostPath volumes, and the addition of dangerous Linux capabilities such as CAP_SYS_ADMIN, CAP_NET_ADMIN, and CAP_SYS_PTRACE. The Restricted level goes further by enforcing best practices for pod security. It requires that containers run as non-root, sets the seccomp profile to RuntimeDefault or Localhost, drops all default capabilities and only adds those explicitly needed, and prevents privilege escalation through the allowPrivilegeEscalation field set to false.

Implementation in a real IT environment involves using admission controllers, specifically the PodSecurity admission controller (built into kube-apiserver since 1.23). Administrators can enable this controller by adding it to the --enable-admission-plugins flag or by using a validating webhook.

Policies are applied at the namespace level using labels. For example, a namespace can be labeled with pod-security.kubernetes.io/enforce: restricted to automatically reject any pod that does not meet the Restricted standard.

Audit and warn modes are also available, allowing administrators to log violations or display warnings without blocking deployments, which is useful for migration from older policies. The standards align with the Pod Security Context API, which defines fields like runAsUser, runAsGroup, fsGroup, seLinuxOptions, seccompProfile, and capDrop in the pod specification. When a pod is submitted to the API server, the PodSecurity controller evaluates the pod's specification against the baseline or restricted requirements.

If the pod violates a mandatory field, such as attempting to run as root in a namespace enforcing Restricted, the API server rejects the request and returns an error. This mechanism ensures that security policies are enforced consistently across the cluster without manual review of every pod definition.

Real-Life Example

Consider a large office building with different departments: the IT server room, the general workspace, and the executive suite. Each department has different security rules. The IT server room (Privileged) allows technicians to carry master keys, access the cooling system, and plug directly into network switches.

The general workspace (Baseline) does not allow employees to carry master keys, open server racks, or modify the building's electrical wiring, but they can use the shared printers and internet. The executive suite (Restricted) has even stricter rules: no one can enter with a tool, all badges must be worn visibly, and visitors must be escorted at all times. In Kubernetes, namespaces are like the office floors in this building.

A namespace labeled as Restricted will reject any pod that tries to run as a container with root privileges, just like a security guard stops anyone with a toolkit from entering the executive suite. A namespace labeled as Privileged will accept pods that need these capabilities, like a container that collects host logs or manages network plugins. The building's security system (the admission controller) checks every person's badge (the pod's security context) against the rules for that floor.

If a person tries to enter the general workspace with a crowbar (CAP_SYS_ADMIN), they are denied entry. If they try to enter the executive suite with a root access badge (running as UID 0), they are stopped and the security lodge logs the attempt. This analogy maps directly to Pod Security Standards: the floor rules are the policy levels, the badges are the pod security context fields, and the security guards are the admission controller that checks and enforces the rules.

By applying the correct standard to each namespace, the cluster administrator ensures that only pods with the appropriate security profile can run in sensitive areas, just as a building manager ensures contractors do not wander into restricted areas with dangerous tools.

Why This Term Matters

Pod Security Standards matter because they are one of the most fundamental controls for securing a Kubernetes cluster. Containers share the host kernel, so a compromised container can potentially break out and gain access to the host node, other containers, or sensitive data. Without proper restrictions, a malicious or misconfigured container can run as root, mount sensitive host paths like /var/lib/kubelet or /proc, and install kernel modules.

Pod Security Standards provide a standardized, easy-to-implement framework that prevents these dangerous configurations. In real IT work, especially for organizations subject to compliance requirements like PCI DSS, HIPAA, or SOC 2, enforcing least privilege on containers is not optional. For example, a financial services company running payment processing on Kubernetes must ensure that no container runs as root and that sensitive host resources are not exposed.

Using Restricted-level standards across production namespaces satisfies many compliance controls. Additionally, Pod Security Standards simplify security management compared to the legacy Pod Security Policies, which were complex to write and maintain. With labels on namespaces, administrators can roll out policies incrementally, starting with warn mode to identify violations without breaking running applications, then switching to enforce mode once teams have updated their pod definitions.

This reduces friction between security teams and developers. Furthermore, Pod Security Standards integrate with existing Kubernetes tooling like kubectl, CI/CD pipelines, and GitOps workflows. Developers can test their pods locally against the standard using tools like kyverno or the kube-score linter.

For cluster operators, the standards reduce the attack surface significantly. Common attacks that Pod Security Standards mitigate include container breakout via privileged containers, resource exhaustion via host resource access, and credential theft via hostPath volume mounts. In summary, this concept matters because it directly translates security best practices into enforceable policies that protect the entire cluster infrastructure.

How It Appears in Exam Questions

Exam questions about Pod Security Standards typically fall into three categories: configuration, troubleshooting, and architecture. In configuration questions, the candidate is asked to apply a specific Pod Security Standard to a namespace. For example: You have a namespace called finance that must only allow pods meeting the Restricted standard.

How would you label the namespace to enforce this? The correct answer involves setting the label pod-security.kubernetes.io/enforce: restricted on the namespace. A variation asks the candidate to create a pod that complies with the Baseline standard, specifying the correct securityContext fields such as runAsNonRoot: true or dropping CAP_SYS_ADMIN.

Troubleshooting questions present a pod that is in a pending state with an error about security context. The candidate must examine the pod events using kubectl describe pod, identify that the pod violates the namespace's Pod Security Standard, and then either modify the pod spec to comply or change the namespace label if appropriate. For instance, a pod might be failing because it uses hostNetwork: true in a namespace with Baseline enforcement, which prohibits hostNetwork.

The candidate would need to remove hostNetwork or move the pod to a Privileged namespace. Architecture questions ask about designing a secure cluster with multiple tenants. For example: Your organization has three teams: infrastructure (needs privileged access), web-app (standard), and batch-processing (high security).

Which Pod Security Standard would you apply to each namespace and why? The candidate must justify the choice by referencing the specific restrictions each level allows. Another common type is the migration question: Your cluster currently uses PodSecurityPolicies and you need to migrate to Pod Security Standards.

Describe the steps you would take, including the use of audit and warn modes. The correct answer includes labeling namespaces with warn mode first, checking logs, fixing violations, then switching to enforce mode. Performance-based tasks in the CKS exam may require the candidate to enable the PodSecurity admission controller on a cluster where it is not currently active.

This involves modifying the kube-apiserver configuration to add --enable-admission-plugins=PodSecurity and restarting the API server. Finally, questions may test the knowledge of the specific fields restricted by each level, such as that Restricted requires seccompProfile.type: RuntimeDefault and the dropping of ALL capabilities.

Candidates must memorize these details because the exam does not provide documentation.

Study cncf-cks

Test your understanding with exam-style practice questions.

Practise

Example Scenario

A company called CloudRetail runs its e-commerce platform on a Kubernetes cluster. The platform has multiple namespaces: production, staging, and monitoring. The security team wants to ensure that no container in the production namespace runs as root or uses host-level resources.

The operations team, however, needs to deploy a monitoring agent in the monitoring namespace that must access host logs and run as root. The security architect decides to apply the Restricted standard to the production namespace and the Privileged standard to the monitoring namespace. The staging namespace will use the Baseline standard to allow flexibility while still blocking dangerous configurations.

The architect uses the following commands: kubectl label namespace production pod-security.kubernetes.io/enforce=restricted and kubectl label namespace monitoring pod-security.kubernetes.

io/enforce=privileged. When the development team deploys a new version of the payment service into production, they forget to set runAsNonRoot in the pod spec. The API server rejects the deployment, and an error message indicates that the security context violates the Restricted standard.

The developer checks the pod events, realizes the mistake, updates the deployment to set securityContext.runAsNonRoot: true and drops all capabilities. The deployment succeeds. Meanwhile, the monitoring agent, which requires privileged access, starts successfully in the monitoring namespace because the Privileged standard allows all security context configurations.

This scenario shows how Pod Security Standards enable different teams to work in the same cluster with appropriate security boundaries, without manual approval workflows or complex policy YAML files.

Common Mistakes

Thinking Pod Security Standards are the same as Pod Security Policies (PSPs) and that the same configuration works for both.

Pod Security Policies were an older, deprecated security mechanism that was complex, hard to manage, and could be bypassed. Pod Security Standards are simpler, built into the API server, and use namespace labels instead of ClusterRole bindings and Policy API objects. They are not backward compatible with PSP YAML files.

Learn the Pod Security Standard namespace label approach (pod-security.kubernetes.io/enforce) and ignore PSP syntax entirely. The CKS exam only tests Pod Security Standards for current clusters.

Believing that applying the Baseline standard means a pod cannot run as root.

Baseline does allow the container to run as root, as long as no other dangerous configurations like hostNetwork, hostPID, or privileged mode are used. The restriction on running as root is only in the Restricted standard. Baseline is intended for typical workloads that may still need root inside the container for package installation or port binding, but should not access the host.

Remember: Baseline prohibits host access (hostNetwork, hostPID, hostIPC, hostPath, privileged containers) and dangerous capabilities, but does not force non-root user. Restricted is the only level that requires non-root and enforces seccomp.

Assuming that all three Pod Security Standard levels are mandatory and must be used together on every namespace.

Only one level can be enforced per namespace at a time, but you can use different levels for different modes (enforce, warn, audit) on the same namespace. For example, you can enforce Restricted but also have a warn label with Baseline to warn users about less strict policies. The levels are independent choices per namespace.

Understand that each namespace can have its own enforcement level. You choose the level based on the security requirements of the workloads in that namespace. Privileged is for system components, Baseline for typical apps, Restricted for high-security apps.

Confusing the audit and warn modes. Thinking they block pods just like enforce mode.

Audit mode only logs violations to the API server audit log without any user-visible effect. Warn mode returns a warning message to the user but still allows the pod to run. Only enforce mode actually rejects the pod. This distinction is critical for migration and testing.

Memorize: enforce = block; warn = warn but allow; audit = log but no visible warning. Use warn mode first when migrating to see what would break, then switch to enforce after fixing violations.

Exam Trap — Don't Get Fooled

The exam presents a scenario where a namespace is labeled with Pod Security Standard enforce=baseline, but a pod inside it uses hostPath volume and runs as non-root. The candidate may think the pod will be rejected because hostPath is not allowed in Baseline, but the question might also include that the pod sets allowPrivilegeEscalation to false and drops all capabilities. The trap is that the candidate forgets that Baseline actually allows hostPath volumes as long as they are read-only and not specified in the restricted list.

The real restriction on hostPath in Baseline is more nuanced: it only allows certain hostPath types (like DirectoryOrCreate, FileOrCreate) and does not allow specific dangerous host paths like /proc or /sys. If the hostPath is a harmless path like /tmp/scratch, it may be allowed in Baseline. Study the exact list of fields that Baseline restricts.

For hostPath, remember that Baseline allows hostPath volumes if the path is not dangerous and the volume is read-only. The most commonly disallowed hostPath in Baseline is mounting the host's root filesystem or sensitive directories like /var/lib/kubelet. Use the official Kubernetes documentation for the precise list, and practice with examples.

Commonly Confused With

Pod Security StandardsvsPod Security Policies (PSP)

Pod Security Policies are a deprecated Kubernetes feature that controlled pod security through complex ClusterRole and Policy API objects. Pod Security Standards are the replacement, using simple namespace labels and three predefined policy levels. PSPs required extensive YAML and RBAC configuration, while PSS is much simpler to administer.

Under PSP, you had to write a policy YAML like a ClusterRole, then bind it to a service account. Under PSS, you just run: kubectl label ns my-namespace pod-security.kubernetes.io/enforce=restricted. No extra YAML needed.

Pod Security StandardsvsPod Security Context

Pod Security Context is the set of fields inside a pod specification (securityContext) that defines the user, group, capabilities, and seccomp profile for a pod. Pod Security Standards are the policies that check those security context fields against predefined rules. The security context is what you configure in the pod; the standard is what you enforce at the namespace level.

Setting runAsUser: 1000 in a pod spec is configuring the security context. Applying a Restricted standard to the namespace is the policy that ensures that setting is present and correct. Without the standard, the security context is just a recommendation; with the standard, it is enforced.

Pod Security StandardsvsAdmission Controller

An admission controller is a piece of code that intercepts requests to the Kubernetes API server before objects are persisted. The PodSecurity admission controller specifically evaluates pods against Pod Security Standards. Other admission controllers handle resource quotas, node affinity, or image security. PSS is just one use of the admission controller framework.

The API server has many admission controllers like NamespaceLifecycle, LimitRanger, and PodSecurity. When you submit a pod, the PodSecurity controller checks if it violates the namespace's standard. If it does, the controller rejects the request. The admission controller is the enforcement mechanism, while the standard is the rule set.

Step-by-Step Breakdown

1

Determine the security requirement for each namespace

Before applying any standard, identify the workload types in each namespace. System components like CNI plugins or monitoring agents require Privileged. Typical microservice applications can use Baseline. High-security applications like payment processing should use Restricted. This step ensures that the chosen standard aligns with the actual needs of the workloads.

2

Label the namespace with the chosen Pod Security Standard

Use kubectl label namespace <name> pod-security.kubernetes.io/enforce=<level> where level is privileged, baseline, or restricted. This label tells the PodSecurity admission controller to enforce the policy. You can also add warn and audit labels for the same or different levels to get warnings or logs without enforcement.

3

Update or create a pod specification that complies with the enforced standard

For Restricted enforcement, the pod must set securityContext.runAsNonRoot: true, drop all capabilities, set seccompProfile type to RuntimeDefault, and ensure allowPrivilegeEscalation is false. For Baseline, avoid hostNetwork, hostPID, hostIPC, hostPath, and privileged mode. For Privileged, no restrictions apply.

4

Submit the pod to the API server and observe the response

When you use kubectl apply, the PodSecurity admission controller checks the pod against the namespace's enforce label. If there is a violation, the API server returns an error with a message like Pod violates PodSecurity. If the pod passes, it is created successfully and scheduled to a node.

5

Troubleshoot any rejected pods by checking events and logs

If a pod is rejected, use kubectl describe pod <name> to see events that list the specific violation, such as 'securityContext.seccompProfile' is required. Then modify the pod spec to fix the issue. Alternatively, you can temporarily change the namespace label to warn mode to see violations without blocking, then fix them later.

6

Monitor and audit using audit and warn modes during migration

When moving from no policy or from PSP to PSS, start by adding warn and audit labels with the same level to all namespaces. Review the audit logs and warnings to identify all violating pods. Fix each pod specification over time. Once all violations are resolved, switch the label to enforce mode to make the policy mandatory.

Practical Mini-Lesson

Pod Security Standards are a critical control for anyone managing a Kubernetes cluster, especially in production environments. To configure them effectively, start by understanding your cluster's architecture. You should have a clear map of all namespaces and the workloads they run.

The first practical step is to enable the PodSecurity admission controller on your API server. If you manage your own control plane, edit the kube-apiserver manifest (often in /etc/kubernetes/manifests/) and add --enable-admission-plugins=NodeRestriction,PodSecurity to the command line. If you use a managed Kubernetes service like EKS, GKE, or AKS, the PodSecurity controller is already enabled by default or can be enabled through a feature gate.

Once enabled, you can apply namespace labels. Many organizations use a default namespace called default, but it is best practice to leave it unlabeled or label it with Baseline. For system namespaces like kube-system, you should apply Privileged because many system components require host access.

For user namespaces, choose Baseline for general workloads and Restricted for sensitive data. A common mistake is to label all namespaces with Restricted immediately, which breaks many applications that rely on running as root or using host resources. Instead, adopt a gradual approach: create a new namespace called production-secure with Restricted, then migrate only those applications that can comply.

For existing namespaces, use the warn mode first. For example, run kubectl label namespace production pod-security.kubernetes.io/warn=restricted. Then deploy your application and check the warnings.

In practice, you will find that many container images from public registries run as root by default. These images will fail under Restricted unless you override the security context in the pod spec. To fix this, you can add a security context at the container level: securityContext: { runAsNonRoot: true, runAsUser: 1000, allowPrivilegeEscalation: false, capabilities: { drop: [ALL] }, seccompProfile: { type: RuntimeDefault } }.

For the Baseline level, you mostly need to ensure that your pod does not use hostNetwork, hostPID, hostIPC, or hostPath volumes. Additionally, you must set the security context to drop the most dangerous capabilities. The default container runtime may add capabilities like NET_RAW or CHOWN; Baseline requires you to drop capabilities that allow system-level operations.

In a real environment, you can test compliance using tools like kubectl dry-run or by creating a simple pod with the --dry-run=server flag to see if the API server accepts it. Another practical tip: use the Pod Security Standards in combination with network policies and resource quotas for defense in depth. Even the Restricted standard does not prevent network-based attacks, so combining it with network policies for zero-trust networking is recommended.

If a container is compromised despite the Restricted standard, the attacker still cannot elevate privileges or access the host, limiting the blast radius. Finally, remember that Pod Security Standards are a starting point, not an end state. For advanced compliance, consider using OPA Gatekeeper or Kyverno to enforce custom policies beyond the three levels.

But for the CKS exam and most production clusters, mastering Pod Security Standards is sufficient.

Memory Tip

Remember the three levels in order of increasing security: Privileged (P), Baseline (B), Restricted (R). Think P-B-R: 'Please Be Restricted' to know that Restricted is the most secure. For each level, remember what is blocked: Privileged blocks nothing, Baseline blocks host access (host*), Restricted blocks root and enforces seccomp.

Covered in These Exams

Related Glossary Terms

Frequently Asked Questions

Can I apply different Pod Security Standards to different modes on the same namespace?

Yes, you can. You can set enforce=restricted, warn=baseline, and audit=privileged on the same namespace. This allows you to enforce a strict policy while still providing warnings for less strict configurations and logging all access for auditing.

What happens if I do not label a namespace at all?

If a namespace has no Pod Security Standard labels, the PodSecurity admission controller will not enforce any policy. Pods of any security context will be allowed. This is the default state for new clusters. You must explicitly label the namespace to enable enforcement.

Does the Restricted standard require the container to run as a specific user ID?

No, it only requires that runAsNonRoot is set to true. The actual user ID can be any non-zero UID, such as 1000, 2000, or 65534 (nobody). The key requirement is that the container process cannot have UID 0 (root).

Can I use Pod Security Standards with a multi-tenant cluster?

Yes, they are designed for multi-tenant clusters. Each tenant gets one or more namespaces, and the administrator applies the appropriate standard to each namespace. However, Pod Security Standards alone do not prevent all tenant-to-tenant attacks; you should combine them with network policies and resource quotas for stronger isolation.

Is there a way to allow a specific pod to bypass a namespace's Restricted standard?

Not directly. The PodSecurity controller applies the policy to all pods in the namespace. If you need a particular pod to have more privileges, create a separate namespace with a lower security level (Baseline or Privileged) for that pod. Alternatively, use a validating webhook like Kyverno to create exceptions.

How do Pod Security Standards interact with Kubernetes RBAC?

They are separate. RBAC controls who can perform actions (create pods, read secrets), while Pod Security Standards control what pods are allowed to do (run as root, mount hostPath). Both are necessary for comprehensive security. A user with RBAC permissions to create pods in a namespace still cannot create pods that violate the namespace's Pod Security Standard.

Summary

Pod Security Standards are a foundational security feature in Kubernetes that replace the older, deprecated Pod Security Policies. They define three levels of security: Privileged, which allows full access; Baseline, which blocks obvious host-level risks; and Restricted, which enforces the strictest security by requiring non-root users, seccomp profiles, and dropped capabilities. These standards are applied to namespaces using simple labels, and the PodSecurity admission controller enforces them at pod creation time.

For exam preparation, especially for the CKS, you must know how to label namespaces, how to configure pod security contexts to comply with each level, and how to troubleshoot violations using the three modes: enforce, warn, and audit. In real-world IT environments, Pod Security Standards help organizations meet compliance requirements, reduce the blast radius of container compromises, and enforce least privilege consistently across all workloads. By understanding the differences between the three levels and practicing with sample pod specifications, you can confidently secure a Kubernetes cluster and pass the CKS exam.