opa-pod-security-templates
Official
Secure Kubernetes with OPA pod security templates
Software Engineering #kubernetes #capabilities #policy-as-code #opa #security-context #pod-security #privileged-containers
Author: adaptive-enforcement-lab
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
OPA Pod Security Templates help teams enforce strong security boundaries in Kubernetes by preventing privileged containers, restricting dangerous Linux capabilities, and enforcing secure Pod security contexts across workloads.
Core Features & Use Cases
- Block privileged containers to eliminate the container breakout vectors they expose.
- Drop dangerous capabilities by default and validate safe capability grants to pods and containers.
- Enforce pod and container security contexts (runAsNonRoot, readOnlyRootFilesystem, seccomp, and privilege-escalation prevention) to harden deployments.
- Use case: apply overview.yaml, capabilities.yaml, contexts.yaml, and escalation.yaml to implement defense-in-depth across development and production clusters.
Quick Start
Apply overview.yaml to begin enforcing Pod Security policies in your cluster.
Dependency Matrix
Required Modules
kubectl, jq
Components
scripts
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: opa-pod-security-templates
Download link: https://github.com/adaptive-enforcement-lab/claude-skills/archive/main.zip#opa-pod-security-templates
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.