Create default k8s security policy for Turbinia

### Name and Version

charts/turbinia

### What is the problem this feature will solve?

Improves the security of the deployment / underlying containers


### What is the feature you are proposing to solve the problem?

Configure and test a set of security policies for the Turbinia deployment.

This can include:
```
securityContext:
  readOnlyRootFilesystem: true
  runAsNonRoot: true
  allowPrivilegeEscalation: false
  runAsUser: <USER ID MAPPED IN CONTAINER>
```

Also by enabling the default seccomp profile: https://kubernetes.io/docs/tutorials/security/seccomp/

More guidance can be found here: https://kubernetes.io/docs/concepts/security/pod-security-standards/

The Turbinia Worker may also need to stay as privileged given the need of accessing the underlying raw disk attached to a given node/machine.

### What alternatives have you considered?

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Create default k8s security policy for Turbinia #116

Name and Version

What is the problem this feature will solve?

What is the feature you are proposing to solve the problem?

What alternatives have you considered?

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Create default k8s security policy for Turbinia #116

Description

Name and Version

What is the problem this feature will solve?

What is the feature you are proposing to solve the problem?

What alternatives have you considered?

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions