Using Pod Security Standards requires extra fields in resources
Many fields without specific value
Easily forgotten/missed
Unwanted repetition
Add security context if not already present
spec:
securityContext:
+(runAsNonRoot): true
+(runAsUser): 1000
+(runAsGroup): 3000
+(fsGroup): 2000