You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
---apiVersion: policy/v1beta1kind: PodSecurityPolicymetadata: name: ingress-nginx annotations: seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default'{% if apparmor_enabled %} apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'{% endif %} labels: kubernetes.io/cluster-service: 'true' addonmanager.kubernetes.io/mode: Reconcilespec: privileged: false allowPrivilegeEscalation: true allowedCapabilities: - NET_BIND_SERVICE volumes: - 'configMap' - 'emptyDir' - 'projected' - 'secret' - 'downwardAPI' - 'persistentVolumeClaim' hostNetwork: {{ ingress_nginx_host_network|bool }} hostPorts: - min: 0 max: 65535 hostIPC: false hostPID: false runAsUser: rule: 'MustRunAsNonRoot' seLinux: rule: 'RunAsAny' supplementalGroups: rule: 'MustRunAs' ranges: - min: 1 max: 65535 fsGroup: rule: 'MustRunAs' ranges: - min: 1 max: 65535 readOnlyRootFilesystem: false
|
