AppArmor is a Linux security module that confines programs by enforcing security policies defined in profiles. It works by restricting programs to only be able to access specific files, directories and system resources as defined in their profiles. Profiles can be generated automatically or manually defined. AppArmor profiles allow specifying what resources a program can access, and it can operate in either complain or enforce mode to log violations or block unauthorized access attempts. Key AppArmor commands are used to generate, load, and manage profiles to confine programs running on the system.