From 212637cfb7a4191f84e94b2e444877153f8cd6c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=B0=AD=E6=88=90?= Date: Fri, 20 Dec 2024 09:34:38 +0800 Subject: [PATCH] Reorder ValidatingAdmissionPolicy components for logical flow --- .../access-authn-authz/validating-admission-policy.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/content/en/docs/reference/access-authn-authz/validating-admission-policy.md b/content/en/docs/reference/access-authn-authz/validating-admission-policy.md index 4e4aa059d4e82..d421bb0ebf2dd 100644 --- a/content/en/docs/reference/access-authn-authz/validating-admission-policy.md +++ b/content/en/docs/reference/access-authn-authz/validating-admission-policy.md @@ -32,15 +32,15 @@ A policy is generally made up of three resources: - The `ValidatingAdmissionPolicy` describes the abstract logic of a policy (think: "this policy makes sure a particular label is set to a particular value"). -- A `ValidatingAdmissionPolicyBinding` links the above resources together and provides scoping. - If you only want to require an `owner` label to be set for `Pods`, the binding is where you would - specify this restriction. - - A parameter resource provides information to a ValidatingAdmissionPolicy to make it a concrete statement (think "the `owner` label must be set to something that ends in `.company.com`"). A native type such as ConfigMap or a CRD defines the schema of a parameter resource. `ValidatingAdmissionPolicy` objects specify what Kind they are expecting for their parameter resource. +- A `ValidatingAdmissionPolicyBinding` links the above resources together and provides scoping. + If you only want to require an `owner` label to be set for `Pods`, the binding is where you would + specify this restriction. + At least a `ValidatingAdmissionPolicy` and a corresponding `ValidatingAdmissionPolicyBinding` must be defined for a policy to have an effect.