In correlation with the end of life (EOL) for MKE 3.5.x, maintenance of this documentation set was discontinued as of 2023-NOV-22. Click here for the latest MKE 3.x version documentation.

Reenable the privileged PSP for all users

To revert to the default MKE configuration in which all MKE users and service accounts use the privileged PSP, while signed in as a cluster admin, recreate the default ClusterRoleBinding:

cat <<EOF | kubectl create -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: ucp:all:privileged-psp-role
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: privileged-psp-role
subjects:
- kind: Group
  name: system:authenticated
  apiGroup: rbac.authorization.k8s.io
- kind: Group
  name: system:serviceaccounts
  apiGroup: rbac.authorization.k8s.io
EOF