Created
March 7, 2018 16:09
-
-
Save pweil-/2f2861cd5b709b2ed8a821c214ed45ce to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[pweil@localhost origin]$ kubectl describe scc/anyuid | |
Name: anyuid | |
Namespace: | |
Labels: <none> | |
Annotations: kubernetes.io/description=anyuid provides all features of the restricted SCC but allows users to run with any UID and any GID. | |
Allow Host Dir Volume Plugin: false | |
Allow Host IPC: false | |
Allow Host Network: false | |
Allow Host PID: false | |
Allow Host Ports: false | |
Allow Privileged Container: false | |
Allowed Capabilities: <nil> | |
Allowed Flex Volumes: <nil> | |
API Version: security.openshift.io/v1 | |
Default Add Capabilities: <nil> | |
Fs Group: | |
Type: RunAsAny | |
Groups: | |
system:cluster-admins | |
Kind: SecurityContextConstraints | |
Metadata: | |
Creation Timestamp: 2018-02-04T15:21:54Z | |
Resource Version: 13 | |
Self Link: /apis/security.openshift.io/v1/securitycontextconstraints/anyuid | |
UID: 21f92d27-09bf-11e8-b30a-54e1ad07d3bf | |
Priority: 10 | |
Read Only Root Filesystem: false | |
Required Drop Capabilities: | |
MKNOD | |
Run As User: | |
Type: RunAsAny | |
Se Linux Context: | |
Type: MustRunAs | |
Supplemental Groups: | |
Type: RunAsAny | |
Users: | |
Volumes: | |
configMap | |
downwardAPI | |
emptyDir | |
persistentVolumeClaim | |
projected | |
secret | |
Events: <none> | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[pweil@localhost origin]$ oc describe scc/anyuid | |
Name: anyuid | |
Priority: 10 | |
Access: | |
Users: <none> | |
Groups: system:cluster-admins | |
Settings: | |
Allow Privileged: false | |
Default Add Capabilities: <none> | |
Required Drop Capabilities: MKNOD | |
Allowed Capabilities: <none> | |
Allowed Seccomp Profiles: <none> | |
Allowed Volume Types: configMap,downwardAPI,emptyDir,persistentVolumeClaim,projected,secret | |
Allowed Flexvolumes: <all> | |
Allow Host Network: false | |
Allow Host Ports: false | |
Allow Host PID: false | |
Allow Host IPC: false | |
Read Only Root Filesystem: false | |
Run As User Strategy: RunAsAny | |
UID: <none> | |
UID Range Min: <none> | |
UID Range Max: <none> | |
SELinux Context Strategy: MustRunAs | |
User: <none> | |
Role: <none> | |
Type: <none> | |
Level: <none> | |
FSGroup Strategy: RunAsAny | |
Ranges: <none> | |
Supplemental Groups Strategy: RunAsAny | |
Ranges: <none> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment