Configuring pod security providers

Pod Security Providers allow you to manage the security context for all pods and containers managed by the Strimzi Cluster Operator from a single location. That is, a Security Provider defines the default security context of the pods and containers that the Strimzi Cluster Operator creates and manages.

The following two providers are available.
Baseline
The Baseline Provider is based on the Kubernetes baseline security profile. This is a minimally restrictive profile that prevents privilege escalations and defines other standard access controls and limitations.
Restricted
The Restricted Provider is based on the Kubernetes restricted security profile. This is a highly restrictive profile that is aimed for use in environments where high levels of security is critical.
By default, the Strimzi Cluster Operator uses the Baseline Provider. To use the Restricted Provider, set the STRIMZI_POD_SECURITY_PROVIDER_CLASS environment variable of the Strimzi Cluster Operator to restricted.
helm upgrade csm-operator [***HELM CHART***] --namespace [***NAMESPACE***] \
--set extraEnvs[0].name=STRIMZI_POD_SECURITY_PROVIDER_CLASS \
--set extraEnvs[0].value=resticted \
--reuse-values