Your Pod Is Running as Root (and You Don't Know It) | K8s Security in the Wild

Published: 18 May 2026
Channel: DevOps with Kosa

Every cluster I've audited had at least one pod running as root. Nobody knew.

In this episode I'll show you:
• Why running as root in a container is dangerous (it's not just theory)
• The one-liner jq audit command to find root pods in your cluster right now
• How to fix it — securityContext, capabilities, readOnlyRootFilesystem
• How to enforce it at scale with Pod Security Standards
• Live demo: reject a root pod at the API server automatically

All commands shown in the video are in the script linked below.

─────────────────────────────────────────────
🔥 Practice this yourself with Mayhem — free K8s incident simulator:
github.com/devops-with-kosa/mayhem-k8s
─────────────────────────────────────────────

#Kubernetes #KubernetesSecurity #CKS #DevSecOps #K8s #ContainerSecurity #CloudSecurity #DevOps #SRE #CKSExam