Skip to content

Instantly share code, notes, and snippets.

@pweil-
Created March 7, 2018 16:09
Show Gist options
  • Save pweil-/2f2861cd5b709b2ed8a821c214ed45ce to your computer and use it in GitHub Desktop.
Save pweil-/2f2861cd5b709b2ed8a821c214ed45ce to your computer and use it in GitHub Desktop.
[pweil@localhost origin]$ kubectl describe scc/anyuid
Name: anyuid
Namespace:
Labels: <none>
Annotations: kubernetes.io/description=anyuid provides all features of the restricted SCC but allows users to run with any UID and any GID.
Allow Host Dir Volume Plugin: false
Allow Host IPC: false
Allow Host Network: false
Allow Host PID: false
Allow Host Ports: false
Allow Privileged Container: false
Allowed Capabilities: <nil>
Allowed Flex Volumes: <nil>
API Version: security.openshift.io/v1
Default Add Capabilities: <nil>
Fs Group:
Type: RunAsAny
Groups:
system:cluster-admins
Kind: SecurityContextConstraints
Metadata:
Creation Timestamp: 2018-02-04T15:21:54Z
Resource Version: 13
Self Link: /apis/security.openshift.io/v1/securitycontextconstraints/anyuid
UID: 21f92d27-09bf-11e8-b30a-54e1ad07d3bf
Priority: 10
Read Only Root Filesystem: false
Required Drop Capabilities:
MKNOD
Run As User:
Type: RunAsAny
Se Linux Context:
Type: MustRunAs
Supplemental Groups:
Type: RunAsAny
Users:
Volumes:
configMap
downwardAPI
emptyDir
persistentVolumeClaim
projected
secret
Events: <none>
[pweil@localhost origin]$ oc describe scc/anyuid
Name: anyuid
Priority: 10
Access:
Users: <none>
Groups: system:cluster-admins
Settings:
Allow Privileged: false
Default Add Capabilities: <none>
Required Drop Capabilities: MKNOD
Allowed Capabilities: <none>
Allowed Seccomp Profiles: <none>
Allowed Volume Types: configMap,downwardAPI,emptyDir,persistentVolumeClaim,projected,secret
Allowed Flexvolumes: <all>
Allow Host Network: false
Allow Host Ports: false
Allow Host PID: false
Allow Host IPC: false
Read Only Root Filesystem: false
Run As User Strategy: RunAsAny
UID: <none>
UID Range Min: <none>
UID Range Max: <none>
SELinux Context Strategy: MustRunAs
User: <none>
Role: <none>
Type: <none>
Level: <none>
FSGroup Strategy: RunAsAny
Ranges: <none>
Supplemental Groups Strategy: RunAsAny
Ranges: <none>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment