Merge pull request #29476 from liggitt/podsecurity-audit-annotations

Clarify audit annotation destination
2021-08-19 08:59:24 -07:00 · 2021-08-19 08:59:24 -07:00 · dd2f06f64a
parent d12f42161e 315e290107
commit dd2f06f64a
1 changed files with 3 additions and 3 deletions
--- a/content/en/docs/concepts/security/pod-security-admission.md
+++ b/content/en/docs/concepts/security/pod-security-admission.md
@ -62,9 +62,9 @@ takes if a potential violation is detected:
 {{< table caption="Pod Security Admission modes" >}}
 Mode | Description
 :---------|:------------
-**`enforce`** | Policy violations will cause the pod to be rejected.
-**`audit`** | Policy violations will trigger the addition of an audit annotation, but are otherwise allowed.
-**`warn`** | Policy violations will trigger a user-facing warning, but are otherwise allowed.
+**enforce** | Policy violations will cause the pod to be rejected.
+**audit** | Policy violations will trigger the addition of an audit annotation to the event recorded in the [audit log](/docs/tasks/debug-application-cluster/audit/), but are otherwise allowed.
+**warn** | Policy violations will trigger a user-facing warning, but are otherwise allowed.
 {{< /table >}}

 A namespace can configure any or all modes, or even set a different level for different modes.