Merge pull request #41814 from ugur99/ugur-develop

k8s-ci-robot · web-flow · commit bf75860f4d6f · 2023-09-03T10:19:46.000-07:00
List metrics that relate to Pod security admission
diff --git a/content/en/docs/concepts/security/pod-security-admission.md b/content/en/docs/concepts/security/pod-security-admission.md
@@ -125,6 +125,17 @@ current policy level:
 - Valid updates to `.spec.activeDeadlineSeconds`
 - Valid updates to `.spec.tolerations`
 
+## Metrics
+
+Here are the Prometheus metrics exposed by kube-apiserver:
+
+- `pod_security_errors_total`: This metric indicates the number of errors preventing normal evaluation.
+  Non-fatal errors may result in the latest restricted profile being used for evaluation.
+- `pod_security_evaluations_total`: This metric indicates the number of policy evaluations that have occurred,
+  not counting ignored or exempt requests during exporting.
+- `pod_security_exemptions_total`: This metric indicates the number of exempt requests, not counting ignored
+  or out of scope requests.
+
 ## {{% heading "whatsnext" %}}
 
 - [Pod Security Standards](/docs/concepts/security/pod-security-standards)
