- Improvement
- Resolution: Not A Defect
- Critical
The kubernetes-plugin for Jenkins requires that the Jenkins master can access the api-server for, among other things, creating pods. This means that if Jenkins slaves use the same service account as the Jenkins master, users can grant themselves cluster permissions they are not authorised to have. We already have the ability to make job pods spawn in another namespace (through cloud - kubernetes namespace), which would solve this. Unfortunately, nothing prevents a user from creating a job where they override this value. We want an option to be able to disallow use of the podTemplate field allowing them to configure what namespace to run pods in.
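A review-time check for the override described above, as an added example that is not part of the original issue or of the plugin's code: it scans pipeline source for `podTemplate` calls whose `namespace` argument is anything other than an allowed literal. The allow-list value `jenkins-agents`, the sample pipeline text and the function names are assumptions, and the matching is a text heuristic, not a Groovy parser.

```python
import re

# Assumption: the namespace configured on the Kubernetes cloud for agent pods.
ALLOWED_NAMESPACES = {"jenkins-agents"}

NAMESPACE_ARG = re.compile(
    r"""\bnamespace\s*:\s*(?:(['"])(?P<lit>[^'"$]*)\1|(?P<expr>[^,)\s]+))"""
)

def pod_template_calls(source):
    """Yield the argument text of each podTemplate(...) call, tracking nested parentheses."""
    for m in re.finditer(r"\bpodTemplate\s*\(", source):
        depth, i = 1, m.end()
        while i < len(source) and depth:
            depth += {"(": 1, ")": -1}.get(source[i], 0)
            i += 1
        yield source[m.end():i - 1] if depth == 0 else source[m.end():]

def namespace_overrides(source, allowed=ALLOWED_NAMESPACES):
    """Return (kind, value) for every namespace argument that is not an allowed literal."""
    findings = []
    for args in pod_template_calls(source):
        for m in NAMESPACE_ARG.finditer(args):
            if m.group("lit") is None:
                # Variable or interpolated string: cannot be verified statically.
                findings.append(("dynamic", m.group("expr")))
            elif m.group("lit") not in allowed:
                findings.append(("literal", m.group("lit")))
    return findings

# Constructed sample pipeline text (not taken from the issue).
SAMPLE = """
podTemplate(label: 'build', containers: [containerTemplate(name: 'maven', image: 'maven:3')]) {
    node('build') { sh 'mvn -v' }
}
podTemplate(label: 'deploy', namespace: 'team-b') { node('deploy') { sh 'make deploy' } }
podTemplate(label: 'x', namespace: params.TARGET_NS) { node('x') { } }
podTemplate(label: 'ok', namespace: 'jenkins-agents') { node('ok') { } }
"""

if __name__ == "__main__":
    for kind, value in namespace_overrides(SAMPLE):
        print(f"namespace override ({kind}): {value}")
```

A check like this only reports what appears in the pipeline text; it does not stop a pod from being created in another namespace.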