Uploaded image for project: 'ONAP Operations Manager'
  1. ONAP Operations Manager
  2. OOM-3289

Kyverno - disallow-priviledged-escalation

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Medium Medium
    • NewDelhi
    • None
    • charts
    • None

      Use in ONAP charts: https://git.onap.org/oom/tree/kubernetes/common/common/templates/_pod.tpl#n67

      Allowed Pod manifest :

      deployment.yaml Collapse source
      spec:
        ...
        template:
          ...
          spec:
            securityContext:
              allowPrivilegeEscalation: false
            ...
            initContainers:
              - name: ...
                ...
                securityContext:
                  allowPrivilegeEscalation: false
            containers:
              - name: someContainer
                ...
                securityContext:
                  allowPrivilegeEscalation: false

            andreasgeissler Andreas Geissler
            andreasgeissler Andreas Geissler
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: