Package org.cdk8s.plus20

Interface ContainerSecurityContextProps

  • All Superinterfaces:
    software.amazon.jsii.JsiiSerializable
    All Known Implementing Classes:
    ContainerSecurityContextProps.Jsii$Proxy
    @Generated(value="jsii-pacmak/1.57.0 (build f614666)",
           date="2022-04-26T09:02:10.449Z")
@Stability(Stable)
public interface ContainerSecurityContextProps
extends software.amazon.jsii.JsiiSerializable
    Properties for `ContainerSecurityContext`.

    • Method Detail

      • getEnsureNonRoot

        @Stability(Stable)
@Nullable
default Boolean getEnsureNonRoot()
        Indicates that the container must run as a non-root user.

        If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does.

        Default: false

      • getGroup

        @Stability(Stable)
@Nullable
default Number getGroup()
        The GID to run the entrypoint of the container process.

        Default: - Group configured by container runtime

      • getPrivileged

        @Stability(Stable)
@Nullable
default Boolean getPrivileged()
        Run container in privileged mode.

        Processes in privileged containers are essentially equivalent to root on the host.

        Default: false

      • getReadOnlyRootFilesystem

        @Stability(Stable)
@Nullable
default Boolean getReadOnlyRootFilesystem()
        Whether this container has a read-only root filesystem.

        Default: false

      • getUser

        @Stability(Stable)
@Nullable
default Number getUser()
        The UID to run the entrypoint of the container process.

        Default: - User specified in image metadata