What Is an Admission Control Policy?
An admission control policy is a rule applied by the control plane when a resource is submitted, deciding whether to accept, reject, or modify it before it is persisted. Validating policies block non-compliant resources while mutating ones inject defaults or sidecars. Policies can be written declaratively and evaluated by an in-cluster engine.
Why it matters
Admission policies are where guardrails like required labels, image trust, and security baselines are enforced at the gate. They catch misconfigurations before they ever run, including from CI-driven deploys.
Related guides
What Is a Content Trust Policy?A content trust policy requires container images to be cryptographically signed and verified before they may…
What Is a Pod Security Standard?A pod security standard is a predefined set of security restrictions, privileged, baseline, or restricted, th…
What Is Sidecar Proxy Injection?Sidecar proxy injection automatically adds a proxy container alongside each app container so a service mesh c…