MongoByte MongoDB Logo

Welcome to the new MongoDB Feedback Portal!

{Improvement: "Your idea"}
We’ve upgraded our system to better capture and act on your feedback.
Your feedback is meaningful and helps us build better products.

Add new feedback Subscribe
Status Completed
Created by Guest
Created on Apr 9, 2020

RELATED FEEDBACK

Enhance security by leveraging PodSecurityPolicies

PodSecurityPolicies are a way to enhance security in a k8s cluster. Currently the Kubernetes Operator and the Helm Chart does not offer a way to integrate PSPs. If an administrator wants to enforce PSPs for the cluster where the MongoDB Kubernetes Operator is deployed, he would need to do this manually which leads to additional manual steps (e.g. editing the Operator role to allow "use" "psp"). Please introduce a way to secure the MongoDB Management (Ops Manager, Operator) and Workload (MongoDB custom resources) with PSPs in the Kubernetes Operator / Helm ecosystem.
  • Attach files
  • Guest
    Aug 21, 2020
    The operator now exposes StsTemplates for each pod type we create, which can not support adding PSP required parameters like runAsUser, allowHostIPC etc This is now supported.
    Reply
  • Guest
    Aug 11, 2020
    The operator can now expose stateful set template for all the pods it manages. So its possible now to add necessary parameters to our Pods required by PSP
    Reply