https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

kubectl exec {POD} whoami

kubectl edit pod ubuntu-sleeper



apiVersion: v1
kind: Pod
metadata:
  name: security-context-demo-2
spec:
  securityContext:
    runAsUser: 1000
  containers:
  - name: sec-ctx-demo-2
    image: gcr.io/google-samples/node-hello:1.0
    securityContext:
      runAsUser: 2000
      allowPrivilegeEscalation: false

#allowPrivilegeEscalation


[Set capabilities for a Container]
apiVersion: v1
kind: Pod
metadata:
  name: security-context-demo-4
spec:
  containers:
  - name: sec-ctx-4
    image: gcr.io/google-samples/node-hello:1.0
    securityContext:
      capabilities:
        add: ["NET_ADMIN", "SYS_TIME"]

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

32.SecurityContexts.md

32.SecurityContexts.md

Files

32.SecurityContexts.md

Latest commit

History

32.SecurityContexts.md

File metadata and controls